cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
220
Views
0
Helpful
2
Replies

Logging VPN users

ciscors
Beginner
Beginner

Is there a way to log VPN RAS connections on PIX? I know a high level of syslog would show that but that'll require going through tons of logs. Any other graceful method do this except investing in a radius server?

2 Replies 2

Patrick Laidlaw
Enthusiast
Enthusiast

Hello,

You can use a syslog server like Kiwi syslog which has the ability to filter out entrys very easily.

Other than a Radius server I can't think of a way to specifically send a syslog message just for user log ins.

As of 7.0 I'm not sure if it has the ability to specify snmp traps for user log ins.

Patrick

Patrick.

Doesn't look like. The traps haven't changed much from 6.x to 7.x. The below is taken from a 7.x config guide:

The security appliance sends the following core SNMP traps:

• authentication—An SNMP request fails because the NMS did

authenticate with the correct community string.

• linkup—An interface has transitioned to the “up” state.

• linkdown—An interface is down, for example, if you removed

nameif command.

• coldstart—The security appliance is running after a reload.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers