|
Posted by dbowman on July 25, 2007, 9:40 am
Please log in for more thread options
My PIX 515E (running 6.5.4) is currently used to authenticate
different VPN connections from users running Cisco VPN Clients.
I would like to get a report of the users who connect to the PIX every
day.
My idea was to monitor the syslog and send an alert when a specific
string appears in the log (using kiwi syslog alert function)
I checked the syslog but I only found information regarding
ISAKMP session connected
ISAKMP Phase 1 SA created
sa created
with no info regarding the group used to connect. This is not useful
How can I get the correct information in the syslog so I can recognize
which user connected?
Otherwise, have you a better idea to get this kind of daily report?
Thanks
|
|
Posted by Al on July 25, 2007, 3:57 pm
Please log in for more thread options
> My PIX 515E (running 6.5.4) is currently used to authenticate
> different VPN connections from users running Cisco VPN Clients.
> I would like to get a report of the users who connect to the PIX every
> day.
> My idea was to monitor the syslog and send an alert when a specific
> string appears in the log (using kiwi syslog alert function)
> I checked the syslog but I only found information regarding
> ISAKMP session connected
> ISAKMP Phase 1 SA created
> sa created
> with no info regarding the group used to connect. This is not useful
> How can I get the correct information in the syslog so I can recognize
> which user connected?
> Otherwise, have you a better idea to get this kind of daily report?
> Thanks
You're probably better off looking into the 'accounting' part of AAA,
see:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html
Should be quite easy to setup, we use FreeRADIUS running on Debian
Linux to provide authentication/accounting for vpn clients.
(Though they are terminated on an IOS router, not a PIX/ASA)
Hope that helps.
|
| Similar Threads | Posted |
| How to get a report of VPN connections on a PIX | July 25, 2007, 9:40 am |
| How to report bugs to Cisco | October 25, 2009, 7:17 am |
| How to avoid filtered status report - PIX. | June 20, 2005, 6:05 pm |
| Unused switch port report for 1/3 months | September 3, 2008, 10:42 am |
| Switch port consumption report and capacity planning. | July 14, 2006, 1:45 pm |
| Cisco Custom Historical Report for Cisco Customer Response Applications | January 17, 2006, 12:34 pm |
| Call statistics report from Cisco Call Manager? | September 6, 2006, 9:26 am |
| Dynamic NAT pool doesn't report full when pool contains interface IP | October 8, 2009, 10:22 pm |
| VPN connections | December 16, 2005, 6:57 pm |
| Multiple VPN connections out of a Pix 515 | August 15, 2005, 8:41 am |
| Pix 501 and Concurrent VPN Connections | January 27, 2006, 2:24 pm |
| two cisco dte connections | March 3, 2006, 8:28 am |
| Why does my 506 keeps deny vpn-connections. | March 27, 2006, 2:55 pm |
| Multihoming without BGP using 2 ISP connections with PAT | May 22, 2006, 11:49 am |
| PIX: Preventing connections from dmz to outside | June 17, 2005, 7:57 am |
How to get a report of VPN connections on a PIX
Yahoo!
Google
Windows Live
del.icio.us
digg
Netscape
> different VPN connections from users running Cisco VPN Clients.
> I would like to get a report of the users who connect to the PIX every
> day.
> My idea was to monitor the syslog and send an alert when a specific
> string appears in the log (using kiwi syslog alert function)
> I checked the syslog but I only found information regarding
> ISAKMP session connected
> ISAKMP Phase 1 SA created
> sa created
> with no info regarding the group used to connect. This is not useful
> How can I get the correct information in the syslog so I can recognize
> which user connected?
> Otherwise, have you a better idea to get this kind of daily report?
> Thanks