Hi,
I've been looking to log pptp vpn login/logouts.
So, looking at the system log I can see this sort of thing (example):
Feb 25 07:50:48 pptp[25580]: Plugin pptp.so loaded.
Feb 25 07:50:48 pptp[25580]: PPTP plugin version 0.8.5 compiled for pppd-2.4.5, linux-2.6.22.19
Feb 25 07:50:48 pptp[25580]: pppd 2.4.5 started by admin, uid 0
Feb 25 07:50:48 pptp[25580]: Couldn't allocate PPP unit 10 as it is already in use
Feb 25 07:50:48 pptp[25580]: Using interface ppp11
Feb 25 07:50:48 pptp[25580]: Connect: ppp11 <--> pptp (x.x.x.x)
Feb 25 07:50:48 pptp[25580]: MPPE 128-bit stateless compression enabled
Feb 25 07:50:50 pptp[25580]: found interface br0 for proxy arp
Feb 25 07:50:50 pptp[25580]: local IP address 192.168.1.246
Feb 25 07:50:50 pptp[25580]: remote IP address 192.168.1.201
Feb 25 08:08:46 pptp[25580]: Connect time 18.0 minutes.
Feb 25 08:08:46 pptp[25580]: Sent 8611410 bytes, received 636834 bytes.
Feb 25 08:08:46 pptp[25580]: Terminating on signal 15
Feb 25 08:08:49 pptp[25580]: Connection terminated.
You can see from the log that only an external IP address is logged for
the connection...
Connect: ppp11 <--> pptp (x.x.x.x)
As the remote VPN users don't use static IP's isn't hard to pinpoint what
username was used to login (historically)
Obviously if the use is logged in right now I can use the /Advanced_VPNStatus.asp screen and get both the IP and the VPN username.
a) Can the pptp syslog have the vpn username address to it?
b) A separate log of PPTN/Vpn connections?
Thank you,
Steve
I've been looking to log pptp vpn login/logouts.
So, looking at the system log I can see this sort of thing (example):
Feb 25 07:50:48 pptp[25580]: Plugin pptp.so loaded.
Feb 25 07:50:48 pptp[25580]: PPTP plugin version 0.8.5 compiled for pppd-2.4.5, linux-2.6.22.19
Feb 25 07:50:48 pptp[25580]: pppd 2.4.5 started by admin, uid 0
Feb 25 07:50:48 pptp[25580]: Couldn't allocate PPP unit 10 as it is already in use
Feb 25 07:50:48 pptp[25580]: Using interface ppp11
Feb 25 07:50:48 pptp[25580]: Connect: ppp11 <--> pptp (x.x.x.x)
Feb 25 07:50:48 pptp[25580]: MPPE 128-bit stateless compression enabled
Feb 25 07:50:50 pptp[25580]: found interface br0 for proxy arp
Feb 25 07:50:50 pptp[25580]: local IP address 192.168.1.246
Feb 25 07:50:50 pptp[25580]: remote IP address 192.168.1.201
Feb 25 08:08:46 pptp[25580]: Connect time 18.0 minutes.
Feb 25 08:08:46 pptp[25580]: Sent 8611410 bytes, received 636834 bytes.
Feb 25 08:08:46 pptp[25580]: Terminating on signal 15
Feb 25 08:08:49 pptp[25580]: Connection terminated.
You can see from the log that only an external IP address is logged for
the connection...
Connect: ppp11 <--> pptp (x.x.x.x)
As the remote VPN users don't use static IP's isn't hard to pinpoint what
username was used to login (historically)
Obviously if the use is logged in right now I can use the /Advanced_VPNStatus.asp screen and get both the IP and the VPN username.
a) Can the pptp syslog have the vpn username address to it?
b) A separate log of PPTN/Vpn connections?
Thank you,
Steve