Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

asa vpn sh vpn-sessiondb detail output

When I run the " sh vpn-sessiondb detail" command on my asa 5520 it tells me the following:

Active Session Summary

Sessions:
                           Active : Cumulative : Peak Concurrent : Inactive
  SSL VPN               :       0 :          0 :               0
    Clientless only     :       0 :          0 :               0
    With client         :       0 :          0 :               0 :        0
  Email Proxy           :       0 :          0 :               0
  IPsec LAN-to-LAN      :       1 :         16 :               1
  IPsec Remote Access   :       2 :        702 :               4
  VPN Load Balancing    :       0 :          0 :               0
  Totals                :       3 :        718

License Information:
  IPsec   :    750    Configured :    750    Active :      4    Load :   1%
  SSL VPN :      2    Configured :      2    Active :      0    Load :   0%
                            Active : Cumulative : Peak Concurrent
  IPsec               :          4 :        741 :               6
  SSL VPN             :          0 :          1 :               1
    AnyConnect Mobile :          0 :          0 :               0
    Linksys Phone     :          0 :          0 :               0
  Totals              :          4 :        742

Tunnels:
               Active : Cumulative : Peak Concurrent
  IKE    :          3 :        718 :               5
  IPsec  :          4 :        810 :               6
  Totals :          7 :       1528

Active NAC Sessions:
  No NAC sessions to display

Active VLAN Mapping Sessions:
  No VLAN Mapping sessions to display
------------------------

however there are only two remote clients logged in and one site to site vpn configured at the moment.  So I was wondering why under tunnels it says the active IPsec count is 4?


Thank you.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: asa vpn sh vpn-sessiondb detail output

For the IPSec connections, that would be dependant on the number of SAs per tunnel. If you check out the IKE, that would give you the correct number of IPSec VPN tunnels which is 3 in total.

If you grab the output of "show cry ipsec sa", you would be able to find that there will be 4 SAs which is the 4 IPSec connections.

Hope that helps.

1 REPLY
Cisco Employee

Re: asa vpn sh vpn-sessiondb detail output

For the IPSec connections, that would be dependant on the number of SAs per tunnel. If you check out the IKE, that would give you the correct number of IPSec VPN tunnels which is 3 in total.

If you grab the output of "show cry ipsec sa", you would be able to find that there will be 4 SAs which is the 4 IPSec connections.

Hope that helps.

1152
Views
0
Helpful
1
Replies