XV. VigorACS and VigorConnect

VigorACS - How to use VigorACS to track local admin access and configuration changes to a router

Products:
Vigor ACS
VigorACS 3
Keywords:
ACS
ACS 3
CPE Notify
CPE notification
Show all

DrayTek Vigor ACS is a great tool for provisioning, monitoring, and managing routers, wireless APs, and switches. As part of the monitoring functionality, routers can be configured to inform VigorACS of any administration access to the Web Interface of the router and any configuration changes which are applied to the router. This behaviour is controlled by enabling the CPE notification settings on the router, and any information reported by the router to VigorACS is stored in the CPE Notify Log. This log can be a useful auditing tool for tracking changes that are made to devices.

Option 1. Configuration on a Vigor Router

1. Go to [System Maintenance] > [TR-069 Setting], then open Reporting Configuration

kb acs log configuration changes 01

2. In Reporting Configuration,

  1. Enable CPE Notification Settings
  2. Select Web Login or Web Changed
  3. Press OK to save

 kb acs log configuration changes 02

Option 2. Setup on VigorACS 3

1. Open the ACS dashboard

  1. Select the Network tab
  2. Open your network group and choose the device to configure

kb acs log configuration changes 13

2. Go to [Configuration] > [System]

kb acs log configuration changes 14

3. Click TR069 Settings on the sidebar and enable CPE Notification Settings which is located at the bottom of this page.

kb acs log configuration changes 15

4. In CPE Notification Settings,

  1. Select Web Login Notify or Web Login Notify.
  2. Click Save.

kb acs log configuration changes 16

Check notifications on VigorACS 3

1. Go to [Monitoring] > [Logs]

kb acs log configuration changes 17

2. On the Logs Dashboard, select CPE Notify

Here we can see different messages:

  1. Web Change: If someone has changed the settings of the router, CPE Notify will show the setup updates
  2. Web Login: If someone has accessed the GUI of the router successfully, CPE Notify will show the message “[Web]WebUI login success.”
  3. Web Login: If someone has tried to log in the GUI of the router with invalid username, CPE Notify will show the message “[Web]WebUI login fail, Invalid user!”
  4. Web Login: If someone has tried to log in the GUI of the router with wrong password, CPE Notify will show the message “[Web]WebUI login fail, Invalid password!”

If you need to check CPE notifications for a specific group or a single device instead of whole network:

  1. Tap the Network box which is located at the top of ACS Dashboard
  2. Select the network group
  3. (optional) Click the arrow icon of the network group to select the specific device

kb acs log configuration changes 19