logging of vpn traffic

Hi all

We use our ASAs (5520 w/ 7.2.1 and 5540 w/ 7.0.5) as a firewall and as VPN concentrator for LAN2LAN and mobile VPN. The access from these VPN networks to any other network is controlled by access-lists. We have the need to know who (source ip) is accessing which target and service. By using an access-list similar to this

    extended permit ip any object-group vpn_networks log not int 5
    extended permit ip object-group vpn_networks any log not int 5
    extended permit ip any any log disabled

and using this access-list with the access-group for outgoing traffic we would be able to see some traffic. We will not be able to identify the traffic into the Internet (since it's NATed --> source ip has been changed) and will also not see blocked traffic. We have to deny the traffic in the access-lists of the group-policies since we make use of downloadable ACLs from the radius server.

Any ideas how to increase the logging? The logs are sent to our syslog server.


Jörg Schütter
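An added example, not part of the original post and not Cisco's or the poster's configuration: a small Python parser for the syslog messages an ASA of this era sends for ACL hits (106100), ACL denies (106023) and dynamic NAT/PAT translations (305011). It remembers each translation as (protocol, mapped address, mapped port) -> real address and, when a later ACL message shows the mapped address as its source, substitutes the real VPN client address, which covers the "source ip has been changed by NAT" gap described above. The log lines, ACL names, interface names and addresses are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the post) in the format ASA 7.x uses
# for ACL hit logging (106100), ACL denies (106023) and dynamic translations
# (305011). Addresses come from documentation/private ranges.
SAMPLE_LOG = """\
%ASA-6-305011: Built dynamic TCP translation from inside:10.20.0.15/51234 to outside:198.51.100.7/1025
%ASA-6-106100: access-list outside_out permitted tcp outside/198.51.100.7(1025) -> outside/203.0.113.80(443) hit-cnt 1 first hit [0x1a2b3c4d, 0x0]
%ASA-6-106100: access-list vpn_out permitted tcp inside/10.20.0.15(51300) -> inside/10.10.5.20(3389) hit-cnt 3 300-second interval [0x5e6f7a8b, 0x0]
%ASA-4-106023: Deny tcp src outside:10.20.0.99/40000 dst inside:10.10.5.21/445 by access_group "vpn_out" [0x0, 0x0]
"""

RE_TRANSLATION = re.compile(
    r"%ASA-6-305011: Built dynamic (?P<proto>\w+) translation from "
    r"(?P<real_if>[\w-]+):(?P<real_ip>[\d.]+)/(?P<real_port>\d+) to "
    r"(?P<map_if>[\w-]+):(?P<map_ip>[\d.]+)/(?P<map_port>\d+)"
)
RE_ACL_HIT = re.compile(
    r"%ASA-6-106100: access-list (?P<acl>\S+) (?P<action>permitted|denied|est-allowed) "
    r"(?P<proto>\w+) (?P<src_if>[\w-]+)/(?P<src_ip>[\d.]+)\((?P<src_port>\d+)\) -> "
    r"(?P<dst_if>[\w-]+)/(?P<dst_ip>[\d.]+)\((?P<dst_port>\d+)\)"
)
# 106023 carries no permitted/denied word: it is always a deny. ICMP denies
# have no port fields and are deliberately left unmatched here.
RE_DENY = re.compile(
    r'%ASA-4-106023: Deny (?P<proto>\w+) src (?P<src_if>[\w-]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) '
    r'dst (?P<dst_if>[\w-]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) by access_group "?(?P<acl>[^"\s\[]+)'
)


def summarize(lines):
    """Parse ASA syslog lines into access records keyed to the real (pre-NAT) source.

    Translation messages are stored as (proto, mapped ip, mapped port) -> real ip.
    When an ACL message's source matches a stored mapping, the real address is
    substituted so the record names the actual VPN client, not the PAT address.
    """
    nat_table = {}
    records = []
    for line in lines:
        m = RE_TRANSLATION.search(line)
        if m:
            key = (m["proto"].lower(), m["map_ip"], int(m["map_port"]))
            nat_table[key] = m["real_ip"]
            continue
        m = RE_ACL_HIT.search(line) or RE_DENY.search(line)
        if not m:
            continue  # other message ids are not relevant to this report
        d = m.groupdict()
        proto = d["proto"].lower()
        src_key = (proto, d["src_ip"], int(d["src_port"]))
        records.append({
            "source": nat_table.get(src_key, d["src_ip"]),
            "natted": src_key in nat_table,
            "dest": d["dst_ip"],
            "port": int(d["dst_port"]),
            "proto": proto,
            "action": d.get("action") or "denied",  # 106023 has no action word
            "acl": d["acl"],
        })
    return records


def access_by_source(records):
    """Group records as {source ip: sorted list of 'dest:port/proto action'}."""
    grouped = defaultdict(set)
    for r in records:
        grouped[r["source"]].add(f'{r["dest"]}:{r["port"]}/{r["proto"]} {r["action"]}')
    return {src: sorted(targets) for src, targets in grouped.items()}


if __name__ == "__main__":
    for src, targets in access_by_source(summarize(SAMPLE_LOG.splitlines())).items():
        print(src)
        for t in targets:
            print("   ", t)
```

Feed it the lines your syslog server stores for the ASA; the translation message must precede the ACL message for the same connection, which is the order the firewall emits them. Note that the ASA logs 106023 for denies by ACEs without the log keyword, while ACEs that carry log produce 106100 for both permits and denies, so a report over both message ids is needed to see blocked traffic alongside permitted traffic.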
