Is there a way to log VPN RAS connections on PIX? I know a high level of syslog would show that but that'll require going through tons of logs. Any other graceful method do this except investing in a radius server?
You can use a syslog server like Kiwi syslog which has the ability to filter out entrys very easily.
Other than a Radius server I can't think of a way to specifically send a syslog message just for user log ins.
As of 7.0 I'm not sure if it has the ability to specify snmp traps for user log ins.
Doesn't look like. The traps haven't changed much from 6.x to 7.x. The below is taken from a 7.x config guide:
The security appliance sends the following core SNMP traps:
authenticationAn SNMP request fails because the NMS did
authenticate with the correct community string.
linkupAn interface has transitioned to the up state.
linkdownAn interface is down, for example, if you removed
coldstartThe security appliance is running after a reload.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: