generate report showing loing and logout ?
We are using authentication manager 8.2 - the clients are Cisco anyconnect ver 4.x and they are Radius authenticated against this server from a ASA VPN firewall
We try to pull reports showing user activity but there is a small problem there - we can easiely see when the user is logged in but not when the session is teard down again. Is there a limitations here?
The asa is using this setup:
aaa-server RSA-RADIUS protocol radius
aaa-server RSA-RADIUS (dmz) host x.x.x.x
- cisco asa
- Cloud Auth
- Cloud Authentication
- Cloud Authentication Service
- Community Thread
- Forum Thread
- RSA SecurID
- RSA SecurID Access
That's not something that the Authentication Manager would track. Basically we say pass/fail to the authentication request in the beginning of the exchange and then we are out of the picture. We do not monitor the connection.
Are you sure? See – if we look here: https://community.rsa.com/docs/DOC-59738
You can use the Security Console to complete most tasks associated with managing RADIUS day-to-day operations.
Through the Security Console, you can manage the following objects:
· RADIUS servers. Server that receives users' access requests from RADIUS clients and forwards them to Authentication Manager for validation. A RADIUS server also forwards accept or reject messages from Authentication Manager to the requesting clients.
· RADIUS clients. RADIUS-enabled device at the network perimeter that enforces access control for users attempting to access network resources.
· RADIUS profiles. Named collection of checklist and return list attributes that specify session requirements for a user requesting remote network access.
· RADIUS user attributes. RADIUS attributes that you assign to a user or trusted user outside of a profile.
· RADIUS accounting. Usage statistics of the RADIUS servers and clients for billing or auditing purposes.
But I can’t fint any reports that reflects this. If I look at the dropdown below radius this might not be useable for that purpose…
Br /thomas iwang
Fra: Brian Twomey
Sendt: 28. marts 2017 17:33
Til: Iwang, Thomas
Emne: Ang.: - Re: generate report showing loing and logout ?
RSA Link <https://urldefense.proofpoint.com/v2/url?u=https-3A__community.rsa.com_-3Fet-3Dwatches.email.thread&d=DwMFaQ&c=kne2dvCMgnN2K-cxlZBJC3l0HNNb7WroqdHGaKuuoSA&r=ahkE4DXYqIVuTFxiqXzgYhUL64Kw6uer99k0_Ce-dfg&m=e868DrNs3_wlqptRL5TCnHfr2uuJ_woMwQyb4XXZ3JQ&s=uk1XIVUsY4YAlrL8KVFEMpJA_rrvlbCg7I0v6gm5wWg&e=>
Re: generate report showing loing and logout ?
svar fra Brian Twomey<https://urldefense.proofpoint.com/v2/url?u=https-3A__community.rsa.com_people_Za44oSGf4lBcqAg6GLgcZTV1Pw3tNOBAveE1IXxjtvY-3D-3Fet-3Dwatches.email.thread&d=DwMFaQ&c=kne2dvCMgnN2K-cxlZBJC3l0HNNb7WroqdHGaKuuoSA&r=ahkE4DXYqIVuTFxiqXzgYhUL64Kw6uer99k0_Ce-dfg&m=e868DrNs3_wlqptRL5TCnHfr2uuJ_woMwQyb4XXZ3JQ&s=xky7AMCeTfbypGuXXvyXiIbKd--V7B2S9fh0Bqdnm0c&e=> i RSA SecurID Suite - Se den fulde debat<https://urldefense.proofpoint.com/v2/url?u=https-3A__community.rsa.com_message_889645-3FcommentID-3D889645-26et-3Dwatches.email.thread-23comment-2D889645&d=DwMFaQ&c=kne2dvCMgnN2K-cxlZBJC3l0HNNb7WroqdHGaKuuoSA&r=ahkE4DXYqIVuTFxiqXzgYhUL64Kw6uer99k0_Ce-dfg&m=e868DrNs3_wlqptRL5TCnHfr2uuJ_woMwQyb4XXZ3JQ&s=iET6vr7kT5JIR7fU204Qqn0FU0KfFG-MgRUPgYzcx80&e=>