01-31-2018 10:12 PM - edited 02-21-2020 07:15 AM
hi,
i'm trying to clear counters for VPN sessions using the clear vpn-sessiondb statistics all.
but i can still see high number count and not back down to 0.
is this a bug or am i using the wrong clear command?
#clear vpn-sessiondb statistics all
INFO: Number of sessions cleared : 13
# show vpn-sessiondb summary
---------------------------------------------------------------------------
VPN Session Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concur : Inactive
----------------------------------------------
AnyConnect Client : 0 : 333 : 1 : 0
SSL/TLS/DTLS : 0 : 333 : 1 : 0
IKEv1 IPsec/L2TP IPsec : 4 : 1813 : 8
Site-to-Site VPN : 9 : 18640 : 15
IKEv1 IPsec : 9 : 18640 : 15
---------------------------------------------------------------------------
Total Active and Inactive : 13 Total Cumulative : 20786
Device Total VPN Capacity : 250
Device Load : 5%
---------------------------------------------------------------------------
Solved! Go to Solution.
05-21-2018 03:08 AM
I found the only way to clear the vpn-sessiondb stats was with the command :
clear vpn-sessiondb statistics global
Hope that helps.
05-21-2018 03:08 AM
I found the only way to clear the vpn-sessiondb stats was with the command :
clear vpn-sessiondb statistics global
Hope that helps.
04-03-2020 12:45 AM - edited 04-03-2020 12:47 AM
funny i'm in the same situation again and found my original post.
i concur this is right command to clear VPN historical stats.
ciscoasa# clear vpn-sessiondb statistics global
INFO: Global session data cleared
ciscoasa# sh vpn-sessiondb summary
No sessions to display.
Statistics have been cleared 1 time(s) since reboot
05-21-2018 05:55 AM
Hello John,
Haven't done that for years, but have you tried: clear resource usage resource VPN other ?
You will need to run this under Configuration mode
Hope that helps.
05-21-2018 06:47 AM
05-21-2018 09:00 AM - edited 05-21-2018 09:47 AM
Hey @Florin Barhala,
I remember using it a while ago, but I am not sure if it will work for clearing the vpn-sessiondb.
I tested now to one of my lab firewalls: show resource usage resource VPN other I get no statistics in return, so I think the command: clear resource usage resource VPN other would have cleared those statistics. Note that according to Cisco other includes "Other VPN sessions which include Site-to-Site, IKEv1 RA and L2tp Sessions. These are guaranteed for a context and shouldn't exceed the system capacity when combined across all contexts."
So to clear the statistics from the vpn-sessiondb, I think what @UKITMN said is the correct answer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide