Solved

How to enable and view IPSEC VPN on Cisco ASA 5510?

Posted on 2013-05-16
9
487 Views
Last Modified: 2013-05-31
Hi there,

How can I enable logging for IPSEC VPN on Cisco ASA 5510 and then view and filter by username and date range?

Thanks.
CB
0
Comment
Question by:czarbapora
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 28

Expert Comment

by:asavener
ID: 39171958
You want to see who uses your remote access VPN?
0
 
LVL 28

Expert Comment

by:asavener
ID: 39171967
Command line to see who's currently on:

sh vpn-sessiondb remote

Otherwise, log "warning" messages and above to a syslog and then check the log.
0
 

Author Comment

by:czarbapora
ID: 39172639
Not currently on. I want to find a user who was on the VPN last month.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 28

Expert Comment

by:asavener
ID: 39172699
How do your users authenticate?

Unless you were keeping logs already, I think the data is gone.
0
 

Author Comment

by:czarbapora
ID: 39172718
Through Cisco VPN Client
0
 
LVL 28

Expert Comment

by:asavener
ID: 39172740
No, that's where they enter their credentials.  The ASA should have an authentication method assigned to the remote access VPN.  (Typically, it's user accounts on the ASA, a RADIUS server, or Kerberos/Active Directory.)
0
 

Author Comment

by:czarbapora
ID: 39211610
You are correct, users authenticate with the user account on the ASA.

Thanks.
0
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 39211712
OK.

Then user authentication would be logged on the ASA.  By this time, the buffer will be flushed, so your only hope is that the ASA sends log entries to a syslog server.
0
 

Author Closing Comment

by:czarbapora
ID: 39211737
Thank you.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question