Solved

Enabling syslog informational logging without seeing VPN teardowns

Posted on 2009-04-01
3
337 Views
Last Modified: 2012-05-06
Is there a way to setup syslogging on a pix or asa, so that my syslog server doesn't get flooded with VPN information?  Right now it is set to emergencies. Because when I use the informational type of logging, I get all of the VPN info.

I just want to see log ins, log outs, user changes etc etc.

Thanks in advance
0
Comment
Question by:dissolved
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
stsonline earned 500 total points
ID: 24052629
The easiest way would be to configure the firewall to exclude certain messages by ID - check out this link on Cisco's web site:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html

0
 

Author Closing Comment

by:dissolved
ID: 31568638
can you give me an example command?
0
 
LVL 10

Expert Comment

by:stsonline
ID: 24188409
Sure... you enter the message ID you do NOT want to record one line at a time prefixed by the word 'no'. For example, if you don't care about a VPN client with no split-tunneling enabled and don't want to know when a Phase 1 retrans or keep-alive is received, you'd get into configuration mode and create four entries, one each for message ID 611301, 611302, 702204, and 715075:

no logging message 611301
no logging message 611302
no logging message 702204
no logging message 715075

0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now