Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
443
Views
0
Helpful
1
Replies

VPN User accounting.

pulkit.sharma
Level 1
Level 1

‎06-08-2011 01:56 AM

Hi,

I want to audit IPSec VPN users connecting to my ASA 5510 box. I need the following informations -

1. Time of connection and disconnection.

2, Username.

3. Public IP address.

4. Private IP address.

5. Details of the network resource usage by IPSec VPN client.

6. Services accesses by Users.

Please suggest if this kind of audit is possible with Cisco ASA or any other software.

Thanks and regards,

Pulkit Sharma

Labels:
0 Helpful
1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

‎06-08-2011 08:36 AM

Pulkit,

For this type of information you need some sort of management environment where ALL your requirements  related to IPsec RA connections   can be collected and then audited  , I do not see any otherway to get this information unless you want to use plain syslog server and  filter VPN syslog IDs pertaining to VPN information and send it to syslog server and then look at hundreds of lines in  plain text logs..  not a fun thing to do..

You can google something like  Firewall management software, there are quite few out there   like fireplotter from fireplotter.com ,  Cisco  has one called  Cisco Security manager   http://www.cisco.com/en/US/products/ps6498/index.html

Firewall analyser is another one  from manage engine http://www.manageengine.com/products/firewall/

Regards

Jorge Rodriguez
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents