Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

CISCO 1800 VPN Activity Logging

Status
Not open for further replies.

vbahuse

Technical User
Sep 20, 2007
33
CA
Hello all,

I've recently added a Cisco 1800 series router to my network in order to provide VPN access from the outside through the use of the Cisco VPN Client software. I don't have many users which access the site but have been asked if I can keep a log of who logged in, when, and for how long. Is this possible, and if so what configuration change(s) do I have to make.

By the way, I used the Cisco Security Device Manager to configure the router for VPN and use local authentication (i.e. each user has an account right in the router to gain access via VPN).

Thanks,

vbahuse
 
Burt,

Thanks for the link. I've had a quick review of the pdf but have noticed that none of the IP accounting methods discussed can identify the user by login account. The table on the last page indicates that only IP address or MAC address can be used depending on the IP accounting method.

I guess this is far more complicated than I thought. I had assumed that there was a CLI command to view relatively recent activity (i.e. something like show cypto session but with a history of logins as opposed to current ones.)

Anyway thanks for the reply,

vbahuse
 
The cheapest and fastest way is to install IAS on your active directory server. You then authenticate the vpn users to IAS and you can configure IAS to log.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top