[c-nsp] Logging remote access logins

Hank Nussbacher hank at efes.iucc.ac.il
Wed Mar 5 02:14:55 EST 2008


At 03:14 PM 05-03-08 +0900, Aaron R wrote:
>Hey guys,
>
>
>
>Is there an easy way to log remote access login attempts on the cisco kit? I
>see there is a way to enable configuration change logs but I don't see an
>option to log accepted logins / failed logins etc.

1) Log which IPs logged in or were rejected:
line vty 0 4
access-class 15 in
! if IPv6 enabled - don't forget to have access-class on ipv6 as well
ipv6 access-class vty in
transport input telnet ssh
!
access-list 15 permit xx.40.yy.69 log
access-list 15 permit xx.102.yy.47 log
access-list 15 deny   any log

2) logging userinfo:
http://ioshints.blogspot.com/2006/11/log-user-privilege-level-changes.html

-Hank



More information about the cisco-nsp mailing list