Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1107
Views
0
Helpful
2
Replies

VPN Audit and Analysis

tim_roper2
Level 1
Level 1

‎02-22-2005 09:05 AM - edited ‎02-21-2020 01:37 PM

Can the VPN concentrator line keep track of what users are accessing as well as log this information? If not, are there any solutions (Cisco preferred) that will report who, where, when and what users are accessing when they start a VPN session? Thanks, Tim

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎02-24-2005 08:50 PM

The concentrator will send Radius Accounting records for when a user connects and disconnects, no problem.

Our SAFE documents (www.cisco.com/go/safe) advise that you plug the private interface of the concentrator into a DMZ of a firewall so you can not only restrict access to your network to the VPN clients, but the firewall can then provide logging of all connections opened by the VPN users. These logs should then be stored safely and kept for a period of time in case they're ever needed for litigation, etc.

0 Helpful

tim_roper2
Level 1
Level 1
In response to gfullage

‎02-25-2005 05:29 AM

However, I still have the problem of searching back through multiple log files and correlating VPN user IP addresses with the username that was using the IP at that instant. Is there a way to merge the firewall logs with the VPN concentrator logs in order to generate one log that states what each user accesses?

0 Helpful
Customers Also Viewed These Support Documents