Solved

How to enable and view IPSEC VPN on Cisco ASA 5510?

Posted on 2013-05-16
9
474 Views
Last Modified: 2013-05-31
Hi there,

How can I enable logging for IPSEC VPN on Cisco ASA 5510 and then view and filter by username and date range?

Thanks.
CB
0
Comment
Question by:czarbapora
  • 5
  • 4
9 Comments
 
LVL 28

Expert Comment

by:asavener
Comment Utility
You want to see who uses your remote access VPN?
0
 
LVL 28

Expert Comment

by:asavener
Comment Utility
Command line to see who's currently on:

sh vpn-sessiondb remote

Otherwise, log "warning" messages and above to a syslog and then check the log.
0
 

Author Comment

by:czarbapora
Comment Utility
Not currently on. I want to find a user who was on the VPN last month.
0
 
LVL 28

Expert Comment

by:asavener
Comment Utility
How do your users authenticate?

Unless you were keeping logs already, I think the data is gone.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:czarbapora
Comment Utility
Through Cisco VPN Client
0
 
LVL 28

Expert Comment

by:asavener
Comment Utility
No, that's where they enter their credentials.  The ASA should have an authentication method assigned to the remote access VPN.  (Typically, it's user accounts on the ASA, a RADIUS server, or Kerberos/Active Directory.)
0
 

Author Comment

by:czarbapora
Comment Utility
You are correct, users authenticate with the user account on the ASA.

Thanks.
0
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
Comment Utility
OK.

Then user authentication would be logged on the ASA.  By this time, the buffer will be flushed, so your only hope is that the ASA sends log entries to a syslog server.
0
 

Author Closing Comment

by:czarbapora
Comment Utility
Thank you.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now