Solved

Find out ip address assignment for IPSEC VPN clients - Cisco PIX

Posted on 2010-08-16
5
322 Views
Last Modified: 2012-05-10
We have a cisco PIX setup as our IPSEC VPN endpoint. The PIX allocates an IP address in the 192.168.254.0 range to the VPN clients, authentication is done via a RADIUS server which queries AD.
I need to find out who is being assigned certain IP addresses when connecting.
Does anybody know if there is a command to show this.

Thanks
0
Comment
Question by:prodriveit
5 Comments
 
LVL 14

Expert Comment

by:anoopkmr
ID: 33444684
try

show vpn-sessiondb detail
0
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33444691
doesn't

#show dhcp lease

work?
0
 
LVL 14

Accepted Solution

by:
anoopkmr earned 500 total points
ID: 33444705
or  u can try

show vpn-sessiondb detail remote
0
 
LVL 2

Author Closing Comment

by:prodriveit
ID: 33444760
show vpn-sessiondb detail remote is exactly the command thanks anoopkmr.

FYI show dhcp lease doesn't work, i think that would show info from the DHCP server not the vpn connection.

0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 33445005
I always did this with show IPSec sa

http://www.cisco.com/en/US/docs/security/asa/asa71/command/reference/s3_711.html#wp1223827

Then filtered results.  Can't recall specific filter (on vacation, away from notes) but it will show connections from VPN pool
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question