VPN Logs

IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
Guest

VPN Logs

Post by Guest » Wed Aug 25, 2010 3:06 pm

HiI wanted to know is there a way through ASDM to look at if a user was connected to the network over the weekend and if so for how long.Thanks in advance and have a great day.

Guest

Re:VPN Logs

Post by Guest » Wed Aug 25, 2010 4:02 pm

Hello, You could look at the buffer config you have and see if you have logs stored, internal buffer can only store upto 1MB but by default it is 4KB unless you change it. Depending on the chattiness of your device i would say the old logs are probably gone. So to answer your question it is not possible to look at this info. if you have a external syslog server like MARS then you could probably get this info. hope this helps. Thanks,--Sunil

Guest

Re:VPN Logs

Post by Guest » Wed Aug 25, 2010 5:14 pm

Thanks

Guest

Re:VPN Logs

Post by Guest » Wed Aug 25, 2010 6:51 pm

You can enable logging in ASDM under Monitoring with a severity of 4 or higher and you should see some syslog messages: 4|Aug 23 2010|14:28:33|113019|||||Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested On the CLI: show log | i ASA-4-113019%ASA-4-113019: Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested CLI command would be: logging enablelogging asdm informational (for ASDM)logging buffered informational (for CLI buffer logging) 

Post Reply