Cisco Systems ASA 5540 Network Router User Manual


  Open as PDF
of 2086
 
74-5
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 74 Monitoring VPN
VPN Statistics
Login Time/Duration—Shows the date and time (MMM DD HH:MM:SS) that the session
logged in. and the length of the session. Time is displayed in 24-hour notation.
Bytes Tx/Bytes Rx—Shows the total number of bytes transmitted to/received from the remote
peer or client by the ASA.
E-Mail Proxy—Indicates that the values in this table relate to traffic for Clientless SSL VPN
sessions.
Username/IP Address—Shows the username or login name for the session and the IP address of
the client.
Protocol/Encryption—Shows the protocol and the data encryption algorithm this session is using,
if any.
Login Time/Duration—Shows the date and time (MMM DD HH:MM:SS) that the session
logged in. and the length of the session. Time is displayed in 24-hour notation.
Bytes Tx/Bytes Rx—Shows the total number of bytes transmitted to/received from the remote
peer or client by the ASA.
The remainder of this section describes the buttons and fields beside and below the table.
Details—Displays the details for the selected session. The parameters and values differ, depending
on the type of session.
Logout—Ends the selected session.
Ping—Sends an ICMP ping (Packet Internet Groper) packet to test network connectivity.
Specifically, the ASA sends an ICMP Echo Request message to a selected host. If the host is
reachable, it returns an Echo Reply message, and the ASA displays a Success message with the name
of the tested host, as well as the elapsed time between when the request was sent and the response
received. If the system is unreachable for any reason, (for example: host down, ICMP not running
on host, route not configured, intermediate router down, or network down or congested), the ASA
displays an Error screen with the name of the tested host.
Logout By—Chooses a criterion to use to filter the sessions to be logged out. If you choose any but
--All Sessions--, the box to the right of the Logout By list becomes active. If you choose the value
Protocol for Logout By, the box becomes a list, from which you can choose a protocol type to use
as the logout filter. The default value of this list is IPsec. For all choices other than Protocol, you
must supply an appropriate value in this column.
Logout Sessions—Ends all sessions that meet the specified Logout By criteria.
Refresh—Updates the screen and its data. The date and time indicate when the screen was last
updated.
Sessions Details
Monitoring > VPN > VPN Statistics > Sessions >Details
The Session Details pane displays configuration settings, statistics, and state information about the
selected session.
The Remote Detailed table at the top of the Session Details pane displays the following columns:
Username—Shows the username or login name associated with the session. If the remote peer is
using a digital certificate for authentication, the field shows the Subject CN or Subject OU from the
certificate.
Group Policy and Tunnel Group—Group policy assigned to the session and the name of the tunnel
group upon which the session is established.