"No data found" when I change my filter.

The server they are connecting to over vpn.

Sent from my iPhone

I found the issue it's not allowing VPN traffic data to be pulled into table view, is this by design??

Hi Jaun,

Are you talking about Mobile access SSL VPN? Please select "All Session events" in Mobile access blade for required field and check.

Mobile Access Blade --> Advance setting --> Logging --> Tracking

Not sure what you’re referring to there but I have logs reported for user access:

there is just no way to get them pulled into the reports because VPN Blade is not an option for data field:

--Juan

Still trying to get this resolved:

Just a thought, have you tried applying a report filter of VPN blade and Source equal to the Office mode IP range, and then adding just source and destination to your table?

Yes doesn’t come up ☺

What version are the gateways and management on?

R80.10 – mobile access is not one of the fields you can add in the table

Just dealing with such report and have follwing suggestions for you:

1. Enable "logging per session" on all rules you want to track. VPN blade is not generating session logs, so no data for smartevent.

2. On your report use filter by action: Decrypt and can also filter for destination if applicable.

Where how it looks no my report:

Hope this helps

Thank you very much - will test per your settings.

That worked!! Thanks so much for the solution.

Hi,

I've read this thread with interest as I'm trying to do the same thing - reporting on what internal servers each Mobile Access user is hitting.  I didn't quite follow when you suggested "logging per session".  I presume you mean on the normal Security rules logging?  In which case, which Security rule would I log to capture Mobile Access Native Application traffic?  

Any help greatly appreciated.

Thanks,

Matt

Right click on Track field of relevant rule, select More.

Thanks Dameon Welch Abernathy.  I was more interested in which Security rule I need to enable this logging.  I thought that as I'm using Mobile Access, my access rules are created in the MAB rulebase rather than the Security rulebase, so I don't get which specific rule I should enable this per session logging on in order to capture what internal "Native Application" IP's my users are accessing?

Which Security rule (if any) matches the traffic?

Not sure if this works if you're not using the unified policy that includes Mobile Access or not.

Ah, Unified Policy!  That makes sense...  I'm not running Unified at the moment...  I'll add that to my To-Do list!

Thanks.

Hi,

I have made below settings for only Mobile users.

I have put Office pool IPs in source field.