ASA Employee VPN Monitoring

I have two questions regarding a Cisco ASA and VPN Monitoring

1.  There are a lot of employees whom have VPN credentials.  Is there a way for me to find out when the last time their credentials were used?

2.  Is there a way to receive an email alert each time an employee makes a VPN connection using AnyConnect? If yes, can their user name be included in the email?
deklinmAsked:
Who is Participating?
 
JorisFRSTCommented:
Use kiwi syslog to catch your logs, even the free version has Conditional e-mail alerting

add : logging class vpn trap informational

so it will send informational logging for vpn connections, including the username.

Build email filters in kiwi syslog.

http://www.kiwisyslog.com/kiwi-syslog-server-compare-versions/

0
 
John MeggersNetwork ArchitectCommented:
Are you logging authentications, or using an external back-end auth server such as ACS?  That's about the only way I'm aware of you can track when someone last authenticated.  I don't know of a way of generating the e-mail right out of the ASA.  Again, I think you would need some kind of management platform to provide that functionality.
0
 
ValmarkCommented:
The ASA supports AAA and can use RADIUS and TACACS+ for accounting functions.  Receiving email alerts will depend on what implementation of the above you choose to use.

0
 
deklinmAuthor Commented:
I am using Active Directory for authentiation
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.