Solved

Active VPN connections

Posted on 2011-02-20
1
468 Views
Last Modified: 2012-05-11
Cisco ASA 5505
Microsoft 2008 NPS

VPN users authenticate to Cisco using AD and NPS.

Is there a tool out there that I can use to monitor connections? I want to log the VPN connections and length of time, possibly even amount of data transferred/received.

0
Comment
Question by:shankshank
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 34942124
The ASA can show you that information for active VPN sessions. Just login to the ASA using the GUI ASDM and go to monitoring VPN connections. For historical information you would need to have the ASA send syslog messages to a syslog server which can then store the raw log information and hopefully present it to you in a useful format. A basic syslog server is Kiwi <http://www.kiwisyslog.com> . You could have Kiwi email you every time a VPN connection closed, which would include session time, user, and bytes transferred, For something that shows you a useful report you would need a logging tool with a reporting feature such as LogLogin, LogRhythm, HP ArcSight, Dell SecureWorks, possibly Splunk, AlienVault, etc. Who knows, maybe someone has already written an open source tool to go through the syslog to pull out the information.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question