10-05-2010 08:21 AM
Hey everyone,
I'd like to be able to log when a user connects/disconnects to our IPSec VPN running on a Cisco 2821 router. Can anyone point me in the right direction?
Thanks!
Ben
10-05-2010 08:27 AM
Syslog would certainly do it. You would then have to filter your syslog on the event, but it's do-able (and cheap). I would assume that Cisco Security Manager could do it, but that might be too expensive for your environment.
10-05-2010 08:29 AM
Hi, Ben:
I'm assuming you are running ezvpn on the router. If that's the case, you could probably use the "crypto logging ezvpn group" command to log user sessions. If you are also using an external AAA server for user authentication, you could also use aaa accounting for this purpose as well.
Thanks,
Wen
10-05-2010 08:38 AM
Thanks guys, I've got logging directed at a syslog server. Wen, you're right, we are using ezvpn, alongside an IPSec VPN for Unix clients. I'll give "crypto logging ezvpn group" a shot. Is there something similar for the IPSec half?
Thanks!
Ben
10-05-2010 08:42 AM
Hi, Ben:
For generic IPSec session logging, use "crypto logging session" instead.
Thanks,
Wen
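One way to do the syslog filtering discussed in this thread, as an added example that is not part of any poster's reply: it picks the `%CRYPTO-5-SESSION_STATUS` tunnel UP/DOWN messages out of the syslog server's file and pairs them into sessions per peer. The sample lines are constructed, and the timestamp/hostname prefix is an assumption about how the syslog server writes each line.

```python
import re
from datetime import datetime

# Constructed sample lines; the "<ISO time> <host> <seq>:" prefix is an assumed
# syslog-server layout, and the addresses are documentation ranges.
SAMPLE_LOG = """\
2010-10-05T08:50:12 vpn-rtr 101: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP.  Peer 198.51.100.7:500  Id: 198.51.100.7
2010-10-05T08:51:03 vpn-rtr 102: %SYS-5-CONFIG_I: Configured from console by admin on vty0
2010-10-05T09:02:40 vpn-rtr 103: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP.  Peer 203.0.113.20:4500  Id: unixhost
2010-10-05T09:20:12 vpn-rtr 104: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN.  Peer 198.51.100.7:500  Id: 198.51.100.7
2010-10-05T09:25:00 vpn-rtr 105: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN.  Peer 192.0.2.9:500  Id: 192.0.2.9
"""

EVENT = re.compile(
    r"^(?P<ts>\S+)\s.*%CRYPTO-5-SESSION_STATUS: Crypto tunnel is (?P<state>UP|DOWN)\.\s+"
    r"Peer (?P<peer>[0-9.]+):(?P<port>\d+)\s+Id: (?P<id>\S+)"
)

def parse_events(text):
    """Return (time, state, peer, id) for every tunnel UP/DOWN line; skip the rest."""
    events = []
    for line in text.splitlines():
        m = EVENT.search(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["state"], m["peer"], m["id"]))
    return events

def summarize(events):
    """Pair UP with the next DOWN for the same (peer, id).

    Returns (closed sessions, sessions still up, DOWN events with no UP seen).
    A DOWN without an UP usually means the session began before the log did.
    """
    still_up, closed, orphans = {}, [], []
    for ts, state, peer, ident in events:
        key = (peer, ident)
        if state == "UP":
            still_up[key] = ts
        elif key in still_up:
            start = still_up.pop(key)
            closed.append((peer, ident, start, ts, int((ts - start).total_seconds())))
        else:
            orphans.append((peer, ident, ts))
    return closed, still_up, orphans

if __name__ == "__main__":
    closed, still_up, orphans = summarize(parse_events(SAMPLE_LOG))
    for peer, ident, start, end, secs in closed:
        print(f"{peer} ({ident}) connected {start} disconnected {end} duration {secs}s")
    for (peer, ident), start in still_up.items():
        print(f"{peer} ({ident}) connected {start} still up")
    for peer, ident, ts in orphans:
        print(f"{peer} ({ident}) disconnected {ts} with no matching connect in this log")
```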