I should definitely preface this post by saying I am not by an stretch of the imagination an ASA guy...
Does anyone know of a method to determine the maximum number of concurrently used SSL VPN licenses (sessions) on an ASA5540 over a period of time? For instance, over a week, the MAXIMUM number of concurrent users that were utilizing SSL licenses on the box. We are trying to determine current license capacity of the device.
We are running 8.2(5) on the ASA itself, and have 6.47 ASDM deployed.
"We are trying to determine current license capacity of the device."
if that's all you want, there is no need for the hassle of measuring actual connections. Just do:
and the ASA will tell you about the license capacity regarding SSL VPNs (and then some).
Anyway, say that you get that number, and you are not sure whether the capacity will suffice, then you'd probably want to measure actual connections over time. The most straightforward way I can think of is using SNMP. Do:
sh snmp-server oidlist
and you'll get the full list. SSL VPN ("Web VPN") starts at 184.108.40.206.220.127.116.11.318.104.22.168. on the ASA I looked at, and you can poll number of current sessions, number of cumulative sessions, and number of sessions at the peak.
Setting up some 3rd party devices for my Fire and Rescue trucks that will VPN back to our FPR-2110. I can blatantly see what's going on with the IKEv2 platform and protocol debugs on. It's selecting the wrong dynamic map!IKEv2-PLAT-4: (32): Cry...
On January 22, 2020, the Cisco Product Security Incident Response Team (PSIRT) disclosed a vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC). The vulnerability could allow an unauthenticated, remote attac...
Meet the Authors Event - A Cybersecurity Deep Dive with Omar Santos
(Live event – Thursday, January 23rd, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event will have place on Thursday 23rd, January 2020 at 10hrs PDT
Posting this for anyone interested in using a Raspberry PI as a flow collector for Stealthwatch. We created a very lightweight version of our software. It can create flows if the eth port is attached to a SPAN or you can forward NetFlow/IPFIX ...