?
Solved

Configuring a Radius user accounting server on the Cisco VPN Concentrator 3060 to log when users login to the VPN

Posted on 2011-09-13
2
Medium Priority
?
469 Views
Last Modified: 2012-05-12
I have 3 Cisco VPN Concentrators that are load balanced.  I have IAS configured on two windows 2003 servers for radius authentication.  I need to start logging who and when logs into the VPN.  I know to do this I have to setup an Accounting Server on the VPN Concentrator.  The question I have is, do I choose the IAS server for the Accounting Server?  If so are their any configurations I need in IAS?  Can I log to another server besides the IAS server?  I have a guide from Cisco here in front of me, but it doesn't go to far into setting up accounting servers.  It just shows you where to go to add one, and it says to be sure that any servers you reference are properly configured.  It doesn't say what properly configured means.  Any help would be much appreciated.  Thanks.
0
Comment
Question by:denver218
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Accepted Solution

by:
jmeggers earned 2000 total points
ID: 36530142
I'm not an expert on IAS but I'm sure it will do it.  I don't know exactly what, if anything, you need to do it, but a quick Google yielded the following:
http://technet.microsoft.com/en-us/library/bb742383.aspx

http://technet.microsoft.com/en-us/library/bb742384.aspx

In the 3060, see http://www.cisco.com/en/US/partner/docs/security/vpn3000/vpn3000_47/configuration/guide/servers.html#wpmkr1279893.  

There's a section on adding accounting servers.
0
 
LVL 4

Author Comment

by:denver218
ID: 36538913
I go it working.

In the concentrator I added my IAS server as an accounting server.

In IAS, I clicked on "Remote Access Logging.  In the right pane, right click on "Local File" and go to properties.  On the "Settings" tab, put a check next to what you want to log.  Now click on the "Log File" tab and choose what directory you want the log file to be in.  I clicked OK, and logging started to work.  
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
A look at what happened in the Verizon cloud breach.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question