DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Logging of VPN access
- protech
- Topic Author
- Offline
- New Member
Less
More
- Posts: 9
- Thank you received: 0
24 May 2023 09:39 #102500
by protech
Logging of VPN access was created by protech
Hi guys,
We have several remote VPN users that connect to our Draytec using L2TP VPN's. Is is possible to record to a log file (maybe via a Syslog Server)
when a user connects/disconnects to the VPN in order that we can track remote access to our network? Or maybe there is some other way to track when a user connects?
Thanks
PT
We have several remote VPN users that connect to our Draytec using L2TP VPN's. Is is possible to record to a log file (maybe via a Syslog Server)
when a user connects/disconnects to the VPN in order that we can track remote access to our network? Or maybe there is some other way to track when a user connects?
Thanks
PT
Please Log in or Create an account to join the conversation.
- iamq-yesiam
- Offline
- Junior Member
Less
More
- Posts: 68
- Thank you received: 0
24 May 2023 18:09 #102501
by iamq-yesiam
Replied by iamq-yesiam on topic Re: Logging of VPN access
Yes if you point the router to a working syslog server and switch on vpn logging you should see all sorts of stuff. (for example) L2PT & the others all work in a similar way.
[H2L][UP][IPsec][@1:user_name from 1.1.1.1]
## XAuth DBG : Verify Username/Password : user_name/********* ifno = 19 index = 1#012#015: 1 Time(s)
[H2L][DOWN][IPsec][@1:user_name from 1.1.1.1](total time connected : 00:02:00)
There is a lot of noise when you include all the handshake stuff and the endless probes you will see from the likes of censys/shodan/etc so you might want to use something like logwatch to keep things in check.
[H2L][UP][IPsec][@1:user_name from 1.1.1.1]
## XAuth DBG : Verify Username/Password : user_name/********* ifno = 19 index = 1#012#015: 1 Time(s)
[H2L][DOWN][IPsec][@1:user_name from 1.1.1.1](total time connected : 00:02:00)
There is a lot of noise when you include all the handshake stuff and the endless probes you will see from the likes of censys/shodan/etc so you might want to use something like logwatch to keep things in check.
Please Log in or Create an account to join the conversation.
Moderators: Sami
Copyright © 2024 DrayTek