Filter
Top Products
42-10
Cisco ASDM User Guide
OL-16647-01
Chapter 42 Monitoring VPN
VPN Statistics
• Encryption Statistics—Shows the statistics for all the data encryption algorithms in use by currently
active sessions.
–
Encryption Algorithm—Lists the encryption algorithm to which the statistics in this row apply.
–
Sessions—Lists the number of sessions using this algorithm.
–
Percentage—Indicates the percentage of sessions using this algorithm relative to the total active
sessions, as a number. The sum of this column equals 100 percent (rounded).
• Total Active Sessions—Shows the number of currently active sessions.
• Cumulative Sessions—Shows the total number of sessions since the security appliance was last
booted or reset.
• Refresh—Updates the statistics shown in the Encryption Statistics table.
Modes
The following table shows the modes in which this feature is available:
NAC Session Summary
Monitoring > VPN > VPN Statistics > NAC Session Summary
The NAC Session Summary window lets you view the active and cumulative Network Admission
Control sessions.
Fields
• Active NAC Sessions—General statistics about remote peers that are subject to posture validation.
• Cumulative NAC Sessions—General statistics about remote peers that are or have been subject to
posture validation.
• Accepted—Number of peers that passed posture validation and have been granted an access policy
by an Access Control Server.
• Rejected—Number of peers that failed posture validation or were not granted an access policy by
an Access Control Server.
• Exempted—Number of peers that are not subject to posture validation because they match an entry
in the Posture Validation Exception list configured on the security appliance.
• Non-responsive—Number of peers not responsive to Extensible Authentication Protocol (EAP) over
UDP requests for posture validation. Peers on which no CTA is running do not respond to these
requests. If the security appliance configuration supports clientless hosts, the Access Control Server
downloads the access policy associated with clientless hosts to the security appliance for these
peers. Otherwise, the security appliance assigns the NAC default policy.
• Hold-off—Number of peers for which the security appliance lost EAPoUDP communications after
a successful posture validation. The NAC Hold Timer attribute (Configuration > VPN > NAC)
determines the delay between this type of event and the next posture validation attempt.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——