Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Active VPN connections

Posted on 2011-02-20
1
Medium Priority
?
471 Views
Last Modified: 2012-05-11
Cisco ASA 5505
Microsoft 2008 NPS

VPN users authenticate to Cisco using AD and NPS.

Is there a tool out there that I can use to monitor connections? I want to log the VPN connections and length of time, possibly even amount of data transferred/received.

0
Comment
Question by:shankshank
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 2000 total points
ID: 34942124
The ASA can show you that information for active VPN sessions. Just login to the ASA using the GUI ASDM and go to monitoring VPN connections. For historical information you would need to have the ASA send syslog messages to a syslog server which can then store the raw log information and hopefully present it to you in a useful format. A basic syslog server is Kiwi <http://www.kiwisyslog.com> . You could have Kiwi email you every time a VPN connection closed, which would include session time, user, and bytes transferred, For something that shows you a useful report you would need a logging tool with a reporting feature such as LogLogin, LogRhythm, HP ArcSight, Dell SecureWorks, possibly Splunk, AlienVault, etc. Who knows, maybe someone has already written an open source tool to go through the syslog to pull out the information.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question