Monitoring tool picking up more than 1 IPSec connection in Cisco ASA

praveenmathew27 · ‎03-25-2019

I have a cisco ASA cluster for remote VPN connections(Anyconnect) . As seen below, when you use show vpn-sessiondb, you can see there is only 1 IPSec tunnel, used to monitor the VPN load-balancing cluster status.

Our reporting tool (Cacti) , sometimes show 2 IPSec tunnels. Any idea why?

---------------------------------------------------------------------------
VPN Session Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concur : Inactive
----------------------------------------------
AnyConnect Client : 278 : 1008582 : 1026 : 12
SSL/TLS/DTLS : 278 : 1008582 : 1026 : 12
Load Balancing(Encryption) : 1 : 10 : 1
---------------------------------------------------------------------------
Total Active and Inactive : 291 Total Cumulative : 1008592
Device Total VPN Capacity : 5000
Device Load : 6%
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Tunnels Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concurrent
----------------------------------------------
IKEv1 : 1 : 10 : 1
IPsec : 1 : 10 : 1
AnyConnect-Parent : 290 : 1008582 : 1026
SSL-Tunnel : 233 : 2114711 : 882
DTLS-Tunnel : 219 : 1590970 : 822
---------------------------------------------------------------------------
Totals : 744 : 4714283
---------------------------------------------------------------------------

Dennis Mink · ‎03-25-2019

amigo,

i can see the ipsec tunnel # is 2, any idea what OID cacti is polling?

Please remember to rate useful posts, by clicking on the stars below.