Hi there,
I set up successfully working RA-Connections with IPSEC and L2TP with PSK and AD (for IPSEC) or RADIUS (for L2TP)-Authentication.
Works as expected.
But the visible logging in Webaccess confuses me a lot:
a) switching the view to "current users" shows up sessions that are really NOT active within all active sessions
b) "current users" filtered to "current connections" shows also non existent FAILED connections e.g. due to a wrong passwd on the clientside
c) in "failed logins" I do not see ALL failed logins as I proved, instead failed logins with wrong username ore PSK are often but not always shown under "current useres" (see above b) )
d) a lot of "current connections" are represented by an IP only in the field of "user"
e) Yesterday I found two connections represented with only "nm" in the user field which bothered me really while there is no user "nm" defined [:(]. Via utrace I finally found out that it was a legal login from one road warrior in NY coming from two different IPs. This annoyes me really
The only way to REALLY know about CURRENT connections is an "ipsec status" and compare the remote IP in Webabmin to find out who is a REAL CURRENT users. But this is not the way I would expect to be the best one.
There is a Bug ID21565 which is similar, but I don´t know if it has something to do with my problems here because it is about IPS Reports and not VPN-related - and the IPs are not always visible in the "user" field here.
Any ideas?
thnx - Chris
This thread was automatically locked due to age.