Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Who is connected to EasyVPN on a 2811

Hello,

One of our client want to know who is connected to his Vpn gateway (2811 with EasyVpn), so we tried to get this information with our own EasyVpn lab but we haven't got this information.

Does it exist a command on CLI to view who (username) is connected through the Easyvpn (we tried "sh user all" and "sh aaa user all" with no result)

And does it exist a windows executable program that can manage Easy Vpn and can Monitor Easyvpn user (a list of username that is connected on EasyVpn server)

4 REPLIES
Gold

Re: Who is connected to EasyVPN on a 2811

Use command "show aaa user all" in case you dont see any outputs, you need enable AAA accounting on the 2811 and then run the command again.

Please check the below URL for enabling VPN Accounting

http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1839/products_feature_guide09186a00801541ba.html

M.

Hope that helps rate if it does

New Member

Re: Who is connected to EasyVPN on a 2811

Ok but I tried this command and it return a lot of things but nothing about the user name connected on vpn.

But I found this morning what I want :

The command to see who is connected to a EasyVpn Gateway is :

"sh crypto session" but this command return a lot of things like the authentification method, the encryption, total byte transferred, Ip of remote host etc... so if you use a grep command you can see each username is connected to the EasyVpn Gateway.

To conclude you have to use this command to see Who is connected to a EasyVpn Gateway on a ISR (2811):

"sh crypto session | i Username"

Thanks a lot,

New Member

Re: Who is connected to EasyVPN on a 2811

I use PPTP VPN and when I needed to check which users are connected I issue the following command:

show user

Probably, this might work for you too (Only if you are using local authentication)

Let me know if it works so I might learn something from you ;)

* Please rate if it helps.

New Member

Re: Who is connected to EasyVPN on a 2811

If you are only using PSK to authenticate the tunnel, then there is nothing to log and you'd need to see tunnels

sh crypto isakamp sa

You need to setup AAA to log authentications and authorizations to a radius or TACACS+ server. I'd suggest they get a Cisco Secure ACS Server so they can log that information and keep track. This would also alow them to authenticate to a variety of external user databases like AD, LDAP, or SDMI..

158
Views
0
Helpful
4
Replies
CreatePlease login to create content