23 November 2012

Cisco ASA: AnyConnect - How to find out how many users and which users are logged in via AnyConnect?

With standard IPsec/ISAKMP I am used to running "show crypto isa sa detail" style commands to figure out how many and who is logged into a client VPN session. With AnyConnect the above commands don't work. As AnyConnect is typically configured as an SSL VPN client, you have to use a different set of commands to troubleshoot. The below is for the Cisco ASA product set... there should be something similar for IOS devices.


FW01# show vpn-sessiondb anyconnect 
Session Type: AnyConnect
Username     : bob                Index        : 71
Assigned IP  : 10.0.1.1            Public IP    : x.x.x.x
Protocol     : AnyConnect-Parent SSL-Tunnel
License      : AnyConnect Essentials
Encryption   : RC4                    Hashing      : none SHA1
Bytes Tx     : 399272098              Bytes Rx     : 10860313
Group Policy : VPN_CLIENT_POLICY      Tunnel Group : VPN
Login Time   : 09:04:59 EST Fri Nov 23 2012
Duration     : 7h:02m:46s
Inactivity   : 0h:00m:00s
NAC Result   : Unknown
VLAN Mapping : N/A                    VLAN         : none
[...]

The above shows all active users logged into the SSL VPN client. You get their username, public IP and mapped VPN IP as well as the encryption mechanisms used. Pretty handy.
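
The following Python is an added example, not part of the original post: it parses saved "show vpn-sessiondb anyconnect" output into one record per user and lists the sessions negotiated with a weak cipher, such as the RC4 shown above. The sample text, usernames and 203.0.113.x addresses are constructed, and the "Nd " day prefix accepted on Duration is an assumption.

```python
import re

# Constructed sample in the layout of "show vpn-sessiondb anyconnect" output;
# usernames and addresses are made up (203.0.113.0/24 is documentation space).
SAMPLE = """\
Session Type: AnyConnect
Username     : bob                    Index        : 71
Assigned IP  : 10.0.1.1               Public IP    : 203.0.113.10
Protocol     : AnyConnect-Parent SSL-Tunnel
Encryption   : RC4                    Hashing      : none SHA1
Login Time   : 09:04:59 EST Fri Nov 23 2012
Duration     : 7h:02m:46s

Username     : alice                  Index        : 72
Assigned IP  : 10.0.1.2               Public IP    : 203.0.113.25
Protocol     : AnyConnect-Parent SSL-Tunnel DTLS-Tunnel
Encryption   : AES128                 Hashing      : none SHA1
Duration     : 0h:27m:33s
"""

# "Key : value" pairs, up to two per line, separated by runs of spaces.
PAIR = re.compile(r"(\w[\w ]*?)\s+:\s+(.*?)(?=\s{2,}\w[\w ]*?\s+:\s|$)")
WEAK = {"RC4", "DES", "3DES"}  # RC4 is prohibited for TLS by RFC 7465

def parse_sessions(text):
    """Return one dict per session; a Username field starts a new record."""
    sessions = []
    for line in text.splitlines():
        for key, value in PAIR.findall(line.strip()):
            if key == "Username":
                sessions.append({})
            if sessions:
                sessions[-1][key] = value
    return sessions

def duration_seconds(value):
    """Convert '7h:02m:46s' to seconds (a leading 'Nd ' is assumed for days)."""
    d, h, m, s = re.fullmatch(r"(?:(\d+)d\s+)?(\d+)h:(\d+)m:(\d+)s", value).groups()
    return ((int(d or 0) * 24 + int(h)) * 60 + int(m)) * 60 + int(s)

def weak_cipher_sessions(sessions):
    """List (username, public IP, ciphers) for sessions using a weak cipher."""
    hits = []
    for s in sessions:
        bad = sorted(WEAK & set(s.get("Encryption", "").split()))
        if bad:
            hits.append((s["Username"], s["Public IP"], bad))
    return hits
```

Calling weak_cipher_sessions(parse_sessions(SAMPLE)) returns only bob's session, which is the one to follow up on when tightening the SSL cipher settings.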

If you are just after an overview of how many users are connected, the below is a good starting point. When I ran it I had 3 active VPN tunnels in use.


FW01# show vpn-sessiondb          
---------------------------------------------------------------------------
VPN Session Summary                                                      
---------------------------------------------------------------------------
                               Active : Cumulative : Peak Concur : Inactive
                             ----------------------------------------------
AnyConnect Client            :      3 :         20 :           4 :        0
  SSL/TLS/DTLS               :      3 :         20 :           4 :        0
Clientless VPN               :      0 :          4 :           1
  Browser                    :      0 :          4 :           1
---------------------------------------------------------------------------
Total Active and Inactive    :      3             Total Cumulative :     24
Device Total VPN Capacity    :    250
Device Load                  :     1%
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Tunnels Summary
---------------------------------------------------------------------------
                               Active : Cumulative : Peak Concurrent  
                             ----------------------------------------------
Clientless                   :      0 :          7 :               2
AnyConnect-Parent            :      3 :         17 :               4
SSL-Tunnel                   :      3 :         22 :               4
---------------------------------------------------------------------------
Totals                       :      6 :         46
---------------------------------------------------------------------------

Hope this helps someone. Thanks for reading.