[c-nsp] VPN Auditing

Seth Mattinen sethm at rollernet.us
Fri Aug 28 16:25:12 EDT 2009


Paul Stewart wrote:
> Hi folks...
> 
>  
> 
> We have a site that runs a Cisco 2800 with a IOS VPN server.  Users connect
> via their Cisco VPN clients to gain access to an internal network there...
> 
>  
> 
> I would like to start auditing it a bit more and have a way to tell who
> logged in and when.  Is this difficult?  I've searched around and found more
> complex things that can be accomplished but currently the security policy
> only permits user authentication auditing.  The users are currently
> authenticated off a local configuration - would moving them to Radius make
> more sense or can I do this with builtin usernames?
> 

I would move to radius; it'll give you accounting too.

~Seth


More information about the cisco-nsp mailing list