Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 532
  • Last Modified:

How to enable and view IPSEC VPN on Cisco ASA 5510?

Hi there,

How can I enable logging for IPSEC VPN on Cisco ASA 5510 and then view and filter by username and date range?

Thanks.
CB
0
czarbapora
Asked:
czarbapora
  • 5
  • 4
1 Solution
 
asavenerCommented:
You want to see who uses your remote access VPN?
0
 
asavenerCommented:
Command line to see who's currently on:

sh vpn-sessiondb remote

Otherwise, log "warning" messages and above to a syslog and then check the log.
0
 
czarbaporaAuthor Commented:
Not currently on. I want to find a user who was on the VPN last month.
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
asavenerCommented:
How do your users authenticate?

Unless you were keeping logs already, I think the data is gone.
0
 
czarbaporaAuthor Commented:
Through Cisco VPN Client
0
 
asavenerCommented:
No, that's where they enter their credentials.  The ASA should have an authentication method assigned to the remote access VPN.  (Typically, it's user accounts on the ASA, a RADIUS server, or Kerberos/Active Directory.)
0
 
czarbaporaAuthor Commented:
You are correct, users authenticate with the user account on the ASA.

Thanks.
0
 
asavenerCommented:
OK.

Then user authentication would be logged on the ASA.  By this time, the buffer will be flushed, so your only hope is that the ASA sends log entries to a syslog server.
0
 
czarbaporaAuthor Commented:
Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now