Monitoring anyconnect connections – Cisco ASA 5505 User Manual

Page 1729

Advertising
background image

75-19

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 75 Configuring AnyConnect VPN Client Connections

Monitoring AnyConnect Connections

Step 2

Configure an 'ipv6 local pool' (used for IPv6 address assignment):

ipv6 local pool ipv6pool 2001:DB8:1:1::5/32 100 ; Use your IPv6 prefix here

Note

You still need to configure an IPv4 address pool when using IPv6 (using the ip local pool
command)

Step 3

Add the ipv6 address pool to your tunnel group policy (or group-policy):

tunnel-group YourTunGrp1 general-attributes ipv6-address-pool ipv6pool

Note

Again, you must also configure an IPv4 address pool here as well (using the 'address-pool'
command).

Step 4

Configure an IPv6 tunnel default gateway:

ipv6 route inside ::/0 X:X:X:X::X tunneled

Monitoring AnyConnect Connections

To view information about active sessions use the show vpn-sessiondb:

Examples

The Inactivity field shows the elapsed time since an AnyConnect session lost connectivity. If the session
is active, 00:00m:00s appears in this field.

hostname# show vpn-sessiondb

Session Type: SSL VPN Client

Username : lee

Index : 1 IP Addr : 209.165.200.232

Protocol : SSL VPN Client Encryption : 3DES

Hashing : SHA1 Auth Mode : userPassword

TCP Dst Port : 443 TCP Src Port : 54230

Bytes Tx : 20178 Bytes Rx : 8662

Pkts Tx : 27 Pkts Rx : 19

Client Ver : Cisco STC 1.1.0.117

Client Type : Internet Explorer

Group : DfltGrpPolicy

Login Time : 14:32:03 UTC Wed Mar 20 2007

Duration : 0h:00m:04s

Inactivity : 0h:00m:04s

Command

Purpose

show vpn-sessiondb

Displays information about active sessions.

vpn-sessiondb logoff

Logs off VPN sessions.

Advertising