Re: need to find specific remote vpn config

baselzind · ‎08-01-2019

im handling a new site with a already configured firewall 5520 with 9.1(7)11 and asdm 7.4 , the problem i was given a vpn config file to import on vpn client 5 to access the site but when i check the firewall to see the vpn config there is many old vpn config and i cant tell which one is the vpn profile im using atm? like there is many user profiles and group profiles , i cant tell how to pinpoint the vpn which im currently using? please how can i do that? i need to edit its config?

Marvin Rhoads · ‎08-01-2019

From the cli, run the following:

show vpn-sessiondb filter <username>

(substitute your username for the bracketed parameter).

Look for the "tunnel-group" (aka connection profile).

https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/S/cmdref3/s14.html#pgfId-1333764

You can also see the similar information under ASDM > Monitor > VPN and choose remote access VPN clients from the dropdown.

baselzind · ‎08-01-2019

There is no (filter) option in the syntax u gave

Marvin Rhoads · ‎08-01-2019

The filter just lets you reduce the output. You can run it with all the output and just scroll to your session:

show vpn-sessiondb detail

shgrover · ‎08-03-2019

Sh vpn-sessiondb anyconnect filter <username>

look for tunnel-group in the output and tunnel-group will have the group-policy.

to check the config :-

Sh run tunnel-group <name if the tunnel-group>

Sh run group-policy <nameif the group-policy you will get this in the output of the above command>

Regards

Shikha Grover

PS: Please don't forget to rate and select as validated answer if this answered your question