Log PC hostname&IP from Cisco VPN Client to IAS log ?

jan.pauler · ‎03-25-2008

Is there a way to configure Cisco VPN Client or Cisco router 2811 so, that they provide hostname and ip address information about the remote VPN client PC, which is trying to connect? Right now we use IAS W2K as authentication server together with AD. This setup works, but we would like to see more information in the logs IAS is creating and I am thinking that possibly Cisco SW or HW is not providing this information right now. Any recommandations?

Current(modified)log info:

User common_user was granted access.

Fully-Qualified-User-Name = domain/OU/common_user

NAS-IP-Address = Router inside IP

NAS-Identifier = <not present>

Client-Friendly-Name = Router hostname

Client-IP-Address = Router inside IP

NAS-Port-Type = <not present>

NAS-Port = <not present>

Policy-Name = Allow access if dial-in permission is enabled

Authentication-Type = PAP

EAP-Type = <undetermined>

markus.jahnke · ‎03-25-2008

is radius accounting already configured on your router? It provides the information you're looking for at least for successful authentications, but I'm not sure about the rejected ones.

Perhabs the routers log could give you more detailed information.

jan.pauler · ‎03-26-2008

Markus, thanks for answering. Well, I use the aaa accounting commands in our router like this:

aaa accounting send stop-record authentication failure

aaa accounting delay-start

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting connection default start-stop group radius

aaa session-id common

I do not know if there is some better config possible. Also I do not know, if the additional info I want to gather, has to be configured on the router or if the configuration of IAS is involved in this. But with this config I get on our IAS server log only the output you can see in my first reply.

Thanks for helping out.