Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
318
Views
1
Helpful
2
Replies

Using PLINK to script FMC to export AnyConnect users

Go to solution
dpditstaff
Level 1
Level 1

‎04-27-2024 05:00 PM

We are trying to use PLINK to export a list of active AnyConnect users via TFTP to a text file that's then parsed and displayed via HTML.

We use a batch file with the following contents that calls a text file containing the required commands:

plink -ssh -l admin -pw IDpd#:!7763 165.206.243.61 -m FirePower-VPN-script.txt
pause

Contents of FirePower-VPN-Script.txt:

system support diagnostic-cli
enable
/r/n
show vpn-sessiondb anyconnect | redirect tftp://<TFTP Server IP Address>/Firepower-vpnconnections.txt
exit 

 

Any guidance would be appreciated or if there is another process we can use to schedule the export of the active AnyConnect sessions such as the api.

 

Thanks

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎04-27-2024 10:48 PM

You can also run EEM script on FTD to export automatically every day 1:00am or desired timing or frequency

example :

event manager applet vpnsessiondb
description vpnsessiondb-export
event timer absolute time 00:01:00
action 1 cli command "show vpn-sessiondb anyconnect | redirect tftp://<TFTP Server IP Address>/Firepower-vpnconnections.txt"

I have not played with API - you can use postman to see if you get output you looking and incorporate with your program to get data once it working.

GET remoteaccessvpns

Request Type: GET

Description: Retrieves the FTD RA VPN topology associated with the specified ID. If no ID is specified for a GET, retrieves list of all FTD RA VPN topologies.

 

you can check below :

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/api/REST/firepower_management_center_rest_api_quick_start_guide_70/Objects_In_The_REST_API.html#Cisco_Reference.dita_9dedf0aa-7511-41d9-88b2-210c2afa5e05

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

2 Replies 2

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎04-27-2024 10:48 PM

You can also run EEM script on FTD to export automatically every day 1:00am or desired timing or frequency

example :

event manager applet vpnsessiondb
description vpnsessiondb-export
event timer absolute time 00:01:00
action 1 cli command "show vpn-sessiondb anyconnect | redirect tftp://<TFTP Server IP Address>/Firepower-vpnconnections.txt"

I have not played with API - you can use postman to see if you get output you looking and incorporate with your program to get data once it working.

GET remoteaccessvpns

Request Type: GET

Description: Retrieves the FTD RA VPN topology associated with the specified ID. If no ID is specified for a GET, retrieves list of all FTD RA VPN topologies.

 

you can check below :

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/api/REST/firepower_management_center_rest_api_quick_start_guide_70/Objects_In_The_REST_API.html#Cisco_Reference.dita_9dedf0aa-7511-41d9-88b2-210c2afa5e05

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
dpditstaff
Level 1
Level 1

‎04-28-2024 03:48 PM

Thank you for your response.  Set up a FlexObject that worked perfectly!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card