1.基本命令
FW01# show vpn-sessiondb ?
anyconnect AnyConnect sessions
detail Show detailed output
email-proxy Email-Proxy sessions
full Output formatted for data management programs
index Index of session
l2l IPsec LAN-to-LAN sessions
license-summary Show VPN License summary
ra-ikev1-ipsec IKEv1 IPsec/L2TP-IPsec Remote Access sessions
ratio Show VPN Session protocol or encryption ratios
summary Show VPN Session summary
vpn-lb VPN Load Balancing Mgmt sessions
webvpn WebVPN sessions
| Output modifiers
2.概况
FW01# show vpn-sessiondb
---------------------------------------------------------------------------
VPN Session Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concur : Inactive
----------------------------------------------
IKEv1 IPsec/L2TP IPsec : 23 : 27338 : 55
Site-to-Site VPN : 6 : 448 : 7
IKEv1 IPsec : 6 : 448 : 7
---------------------------------------------------------------------------
Total Active and Inactive : 29 Total Cumulative : 27786
Device Total VPN Capacity : 250
Device Load : 12%
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Tunnels Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concurrent
----------------------------------------------
IKEv1 : 29 : 27786 : 61
IPsec : 6 : 437 : 8
IPsecOverNatT : 13 : 7156 : 23
IPsecOverTCP : 10 : 20315 : 46
---------------------------------------------------------------------------
Totals : 58 : 55694
---------------------------------------------------------------------------
其中Site-to-Site VPN是固定场所之间的VPN连接,在线有6个,峰值7个。
IKEv1 IPsec/L2TP IPsec 是移动远程用户客户端拨入,在线有23个,峰值55个。
3.查看许可
FW01# show vpn-sessiondb license-summary
---------------------------------------------------------------------------
VPN Licenses and Configured Limits Summary
---------------------------------------------------------------------------
Status : Capacity : Installed : Limit
-----------------------------------------
AnyConnect Premium : ENABLED : 250 : 2 : NONE
AnyConnect Essentials : DISABLED : 250 : 0 : NONE
Other VPN (Available by Default) : ENABLED : 250 : 250 : NONE
Shared License Server : DISABLED
Shared License Participant : DISABLED
AnyConnect for Mobile : DISABLED(Requires Premium or Essentials)
Advanced Endpoint Assessment : DISABLED(Requires Premium)
VPN-3DES-AES : ENABLED
VPN-DES : ENABLED
AnyConnect for Cisco VPN Phone : DISABLED
---------------------------------------------------------------------------
---------------------------------------------------------------------------
VPN Licenses Usage Summary
---------------------------------------------------------------------------
Local : Shared : All : Peak : Eff. :
In Use : In Use : In Use : In Use : Limit : Usage
----------------------------------------------------
AnyConnect Premium : 0 : 0 : 0 : 0 : 2 : 0%
AnyConnect Client : : 0 : 0 : 0%
AnyConnect Mobile : : 0 : 0 : 0%
Clientless VPN : : 0 : 0 : 0%
Other VPN : : 37 : 62 : 250 : 15%
Cisco VPN Client/ : : 31 : 55 : 12%
L2TP Clients
Site-to-Site VPN : : 6 : 7 : 2%
---------------------------------------------------------------------------
4.查看固定场所连接信息(6个)
FW01# show vpn-sessiondb l2l
Session Type: LAN-to-LAN
Connection : DefaultL2LGroup
Index : 19113 IP Addr : 16.26.61.9
Protocol : IKEv1 IPsec
Encryption : 3DES Hashing : MD5
Bytes Tx : 2474756279 Bytes Rx : 1234900659
Login Time : 06:46:48 CST Thu Feb 28 2019
Duration : 55d 3h:28m:20s
Connection : DefaultL2LGroup
Index : 33535 IP Addr : 11.38.78.40
Protocol : IKEv1 IPsec
Encryption : 3DES Hashing : MD5
Bytes Tx : 3084883334 Bytes Rx : 740171487
Login Time : 13:41:32 CST Mon Apr 15 2019
Duration : 8d 20h:33m:36s
Connection : DefaultL2LGroup
Index : 36892 IP Addr : 11.21.20.4
Protocol : IKEv1 IPsec
Encryption : 3DES Hashing : MD5
Bytes Tx : 341830556 Bytes Rx : 46374688
Login Time : 09:10:49 CST Mon Apr 22 2019
Duration : 2d 1h:04m:19s
Connection : DefaultL2LGroup
Index : 39145 IP Addr : 16.31.6.80
Protocol : IKEv1 IPsec
Encryption : 3DES Hashing : MD5
Bytes Tx : 320821909 Bytes Rx : 21072059
Login Time : 08:28:30 CST Wed Apr 24 2019
Duration : 1h:46m:38s
Connection : DefaultL2LGroup
Index : 39147 IP Addr : 11.18.5.6
Protocol : IKEv1 IPsec
Encryption : 3DES Hashing : MD5
Bytes Tx : 104127381 Bytes Rx : 40968247
Login Time : 08:45:56 CST Wed Apr 24 2019
Duration : 1h:29m:13s
Connection : DefaultL2LGroup
Index : 39154 IP Addr : 13.19.74.94
Protocol : IKEv1 IPsecOverNatT
Encryption : 3DES Hashing : MD5
Bytes Tx : 15140224 Bytes Rx : 2201604
Login Time : 09:03:30 CST Wed Apr 24 2019
Duration : 1h:11m:39s
5.查看某个远程用户连接信息
FW01# show vpn-sessiondb ra-ikev1-ipsec filter name 019
Session Type: IKEv1 IPsec
Username : 019 Index : 33436
Assigned IP : 17.5.190.46 Public IP : 16.25.52.179
Protocol : IKEv1 IPsecOverTCP
License : Other VPN
Encryption : 3DES Hashing : MD5
Bytes Tx : 2930505650 Bytes Rx : 218062463
Group Policy : dial2 Tunnel Group : dialup
Login Time : 09:21:31 CST Mon Apr 15 2019
Duration : 9d 0h:58m:57s
Inactivity : 0h:00m:00s
NAC Result : Unknown
VLAN Mapping : N/A VLAN : none