Authentication and Accounting Logging

The Routing and Remote Access service supports the logging of authentication and accounting information for PPP-based connection attempts when Windows authentication or accounting is enabled. This logging is separate from the events recorded in the system event log. You can use the information that is logged to track remote access usage and authentication attempts. Authentication and accounting logging is especially useful for troubleshooting remote access policy issues. For each authentication attempt, the name of the remote access policy that either accepted or rejected the connection attempt is recorded.

The authentication and accounting information is stored in a configurable log file or files stored in the % SystemRoot %\System32\LogFiles folder. The log files are saved in Internet Authentication Service (IAS) 1.0 or database format, meaning that any database program can read the log file directly for analysis.

You can configure the type of activity to log (accounting or authentication activity) and log file settings from the properties of the Remote Access Logging folder in the Routing and Remote Access snap-in.

If the remote access router is configured for RADIUS authentication or accounting and the RADIUS server is a computer running Windows 2000 and the Internet Authentication Service (IAS), the same information is recorded on the IAS server computer.