Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎01-09-2006 04:08 AM

Logging PPTP user logon

Hello, I need to give reports about PPTP VPN users connections. I must provide an email report of WHO has logged on and off, and at what time. I' ve configured the FortiGate-100A to send its logs to a remote unix syslog, and I see messages when users log. but there is no reference to the username, for instance: Jan 2 18:05:13 192.168.1.253 date=2006-01-02 time=17:25:35 device_id=XXXXX log_id=0103029001 type=event subtype=ppp pri=information vd=root user=none local=x.y.w.z remote=x.y.w.z assigned=x.y.w.z stat=" OK" msg=" CTRL: Client x.y.w.z control connection started" user=none ... is it possible to have the username logged?
1334
0 Kudos
5 REPLIES 5
Not applicable

Created on ‎08-09-2007 02:25 AM

is there any update with this thread? im having the same issues.. (v3.0 mr5)
953
0 Kudos
abelio
SuperUser
SuperUser
In response to

Created on ‎08-09-2007 08:28 AM

Unless for 3.0 MR1 and MR3 patch10 we can see PPTP logged user-names in logs (memory, FAZ and external syslog) I' ve noticed that issue in 2.80 but not with 3.0 family. Did you defined those users as LOCAL to your fortibox?

regards




/ Abel

regards / Abel
953
0 Kudos
Not applicable
In response to abelio

Created on ‎08-09-2007 08:31 PM

yes sir, username and password were defined under user/local at the fortinet box. is there something were missing here? thanks!
953
0 Kudos
abelio
SuperUser
SuperUser
In response to

Created on ‎08-10-2007 08:09 AM

Then, I' m not sure.. PPP details are logged if ' event' log are enabled; enable memory logging for a while to check if you can see ppp details as you need in memory event logs Could you post the output of cli command: " show full-configuration log syslogd filter" ?

regards




/ Abel

regards / Abel
953
0 Kudos
Not applicable
In response to abelio

Created on ‎08-10-2007 11:41 PM

Hi Abelio, You are correct! Connected users are logged and can be found at the Log&Report/Log Access/Memory in the Web GUI. This is the sample screenshot: http://img518.imageshack.us/my.php?image=fgt60pptplogxd0.jpg also, this is the output of CLI command " show full-configuration log syslogd filter" as you requested. config log syslogd filter set attack enable set email enable set im enable set severity alert set traffic enable set virus enable set web enable set allowed enable set anomaly enable set blocked enable set email-log-imap enable set email-log-pop3 enable set email-log-smtp enable set ftgd-wf-block enable set ftgd-wf-errors enable set im-all enable set infected enable set other-traffic disable set oversized enable set signature enable set url-filter enable set violation enable set web-content enable set web-filter-activex enable set web-filter-applet enable set web-filter-cookie enable end Many thanks to you sir! Erwin
953
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.