Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
540
Views
0
Helpful
0
Replies

How to log connections going to vpn site subnet?

DIRC_TECH
Level 1
Level 1

‎08-21-2020 05:35 AM

My ASA has numerous site to site VPNs connected to it.  I am trying to log the connections made from the inside network to remote VPN site subnets.  ACLs, as typical are bypassed for site to site vpns, so creating ACLs with logging preference are not working.  How can you get around this?  

 

Example:
Home-ASA inside: 192.168.1.0/24
Remote-ASA inside:  10.0.0.0/24

VPN: Site to Site IPSEC Tunnel


1. User (192.168.1.100) on inside network behind Home-ASA connects to server (10.0.0.52) on Remote-ASA inside network.

2. Home-ASA logs traffic source ip: 192.168.1.100 destination ip: 10.0.0.52 port: 443.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents