Solved

How can I log only specific messages in a Cisco ASA 5505?

Posted on 2012-03-29
2
617 Views
Last Modified: 2012-03-30
The client has a site-to-site VPN with a remote location.  The users then RDP into a remote server and complain about sporadic dropped RDP sessions.  I have turned on logging (buffer informational), but I am seeing too much non-relevant traffic.  I would specifically like to only log the following:

1.  Built inbound TCP connection (302013)
2.  Teardown TCP connection (302014)
3.  Deny TCP (no connection) from ( 106015)

It would be great to limit it to 3389 only, but I will take what I can get on this.  I would appreciate any help on possible syntax to limit the logging to these messages.
0
Comment
Question by:Yockos
2 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
Comment Utility
You can run debug commands for the VPN related events only, but the log will still grab other events. Ideally you want to log these events to a SYSLOG server where there are lots of tools available for parsing logs. Fro instance if you are on a *NIX SYSLOG server than egrep is your friend. There is also SPLUNK(costly), SolarWinds, etc ...and other pay parsing software suites


harbor235 ;}
0
 

Author Comment

by:Yockos
Comment Utility
I was afraid of that.  I thought about a syslog server, but it might be too much effort at this point.  I will see if I can catch the problem when they report the drop (they are supposed to as soon as it happens).  If this does not work, then I will re-visit setting up a syslog server or using ASDM.

Thanks for the input.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now