Hi there,
currently no log can be found for user who connected to any Cisco anyconnect servers even bandwidth usage log. It seems that they completely bypassed the firewall. any suggestion?
Thanks,
This thread was automatically locked due to age.
Hi there,
currently no log can be found for user who connected to any Cisco anyconnect servers even bandwidth usage log. It seems that they completely bypassed the firewall. any suggestion?
Thanks,
Mahmood, if you're asking about users that connected to the UTM's 'Cisco VPN Client' Remote Access, look in the IPsec log and in 'Logging & Reporting >> Remote Access'. If you didn't find what you need, please explain what question you're trying to get an answer for.
Cheers - Bob
Bob, thank you for the the reply. Actually I meant that the users behind the firewall who connected to a third party Cisco any connect servers. Since we have lots of restricted websites in our country, users usually use such tricks to bypass the restriction.
Bob, thank you for the the reply. Actually I meant that the users behind the firewall who connected to a third party Cisco any connect servers. Since we have lots of restricted websites in our country, users usually use such tricks to bypass the restriction.
Well, I'm philosophically opposed to such restrictions, but I suppose you must demonstrate an effort to comply with the law. In 'Application Control', you can make a rule that blocks everything in 'VPN and Tunneling'. Above that, make a rule that allows and logs accesses from specific IPs where people have demonstrated a valid need. Alternatively, Allow and Log for everyone and you will be able to see any such activity in Logging & Reporting.
Cheers - Bob
Bob, I am against any restriction either and do not have any obligation against users who try to bypass the restriction. but I do need to know such VPN users bandwidth usage. your solution works for any VPN application but not Cisco anyconnect.