IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
1 post • Page 1 of 1
Hello, You could look at the buffer config you have and see if you have logs stored, internal buffer can only store upto 1MB but by default it is 4KB unless you change it. Depending on the chattiness of your device i would say the old logs are probably gone. So to answer your question it is not possible to look at this info. if you have a external syslog server like MARS then you could probably get this info. hope this helps. Thanks,--Sunil
You can enable logging in ASDM under Monitoring with a severity of 4 or higher and you should see some syslog messages: 4|Aug 23 2010|14:28:33|113019|||||Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested On the CLI: show log | i ASA-4-113019%ASA-4-113019: Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested CLI command would be: logging enablelogging asdm informational (for ASDM)logging buffered informational (for CLI buffer logging)