Is there a way to kick all connected VPN users or specific user?

Posted on 2009-12-16
Medium Priority
Last Modified: 2012-05-08
I'm very very new to this Cisco firewall and VPN thing. so, any help is really great!

when I type in the following command:
ASA5510# show vpn-sessiondb webvpn
INFO: There are presently no active sessions of the type specified

which is fine cuz no one is able to connect via webVPN at the moment.

when I type the following command:

ASA5510# show vpn-sessiondb summary

Active Sessions:                        Session Information:
  IPSec LAN-to-LAN       : 1              Peak Concurrent        : 3
  IPSec Remote Access    : 0              IPSec Limit            : 250
  WebVPN                 : 0              WebVPN Limit           : 2
  SSL VPN Client (SVC)   : 1              Cumulative Sessions    : 20
  Email Proxy            : 0
  Total Active Sessions  : 2              Percent Session Load   : 1%

Active NAC Sessions:                    Cumulative NAC Sessions:
  Accepted               : 0              Accepted             : 0
  Rejected               : 0              Rejected             : 0
  Exempted               : 0              Exempted             : 0
  Non-responsive         : 0              Non-responsive       : 0
  Hold-off               : 0              Hold-off             : 0
  N/A                    : 0              N/A                  : 0

we have 2 WebVPN licenses but currently my co-worker is unable to connect to it. does anyone know why? also, by looking at "total active sessions" does that mean that i've exhausted my licenses? if so how can i tell who is currently logged in? how do i kick a specific user out or end their current session?

Thank you
Question by:golowai
LVL 16

Expert Comment

ID: 26067102

#clear  crypto ipsec sa

Accepted Solution

neuromancerxyz earned 200 total points
ID: 26069605
the above command is for site to site tunnel.

you need to use the below command in config t mode.
ASA-FW01(config)# clear vpn-sessiondb statistics webvpn

exec mode commands/options:
  all           All sessions
  email-proxy   Email Proxy sessions
  global        Global session data
  index         Index specific session
  ipaddress     IP Address specific sessions
  l2l           IPsec LAN-to-LAN sessions
  name          Username specific sessions
  protocol      Protocol specific sessions
  remote        IPsec Remote Access sessions
  svc           SSL VPN Client sessions
  tunnel-group  Tunnel Group sessions
  vpn-lb        VPN Load Balancing Mgmt sessions
  webvpn        WebVPN sessions

Its easy in ASDM.
Monitoring > VPN Staticsts > Session.

Hope this helps

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month17 days, 13 hours left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question