11-09-2015 09:00 AM - edited 02-21-2020 08:33 PM
My director wants a report showing all Anyconnect sessions, who made them, and the duration of the session. Does anyone know of a solution that would provide this information?
11-09-2015 11:29 AM
Hi josh.goodin,
I have created a sample configuration that you can use to retrieve information pertianing to Anyconnect users session:-
logging enable
logging timestamp
logging list Anyconnect level informational class svc
logging list Anyconnect level informational class ssl
logging list Anyconnect message 113019
logging list Anyconnect message 725002
logging list Anyconnect message 716001
logging list Anyconnect message 716002
logging list Anyconnect message 713228
logging trap Anyconnect
logging host inside <syslog server IP>
logging buffer-size 1048576
logging buffered debugging
For your reference, below messages will be logged and sent to syslog server through which you can gather the relevant details:
1. %ASA-4-113019: Group = group, Username = username, IP = peer_address, Session disconnected. Session Type: type, Duration: duration, Bytes xmt: count, Bytes rcv: count, Reason: reason
2. %ASA-6-725002 Device completed SSL handshake with remote_device interface_name: IP_address/port
3. %ASA-6-716001: Group group User user WebVPN session started.
4. %ASA-6-716002: Group group User user WebVPN session terminated: reason.
5. %ASA-6-713228: Group = group, Username = uname, IP = remote_IP_address Assigned private IP address assigned_private_IP to remote user
Ref link:-
https://supportforums.cisco.com/discussion/11271861/question-how-log-anyconnect-sessions-syslog
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
10-21-2022 07:01 AM
With a complex load balanced many ASA setup leveraging AnyConnect VPN we need to be able to find which ASA we are connected on at any given time ideally from remote. All we see from remote is which load balanced ASA group we are using under the VPN Statistics Service IP. Is there some way to enable ASA name reporting in the AnyConnect VPN statistics or would that appear (or be made to appear) in some file on the AnyConnect client system or are there options to log that information to syslog similar to what you have logged above?
08-27-2024 06:09 AM
i'm using a tool called VPN TTG, excellent for recording VPN Clients users access and VPN connections.
ref link - vpnttg dot com.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide