Solved: Re: Group-policy user count via CLI

dschwind · ‎07-15-2020

We authorize users via ISE to specific ASA group-policies. Is there a CLI way of determining active user counts for each group-policy?

Dennis

Josue Brenes · ‎07-16-2020

Hi Dschwind,

I do not think there is a specific command for it.
The only two alternatives I can think of are the following:
1. See how many users are using a specific group-policy(my current group-policy is named Josue_GP) but it does not tell you what the user id's are:
ASA15(config)# sh vpn-sessiondb anyconnect | grep -c Josue_GP
Number of lines which match regexp = 1

In this case, there is one user using the group-policy Josue_GP.

2. Check the Group-policy and user, for example:
ASA15(config)# sh vpn-sessiondb anyconnect | i Username|Group Policy
Username : jbrenesm Index : 6042
Group Policy : Josue_GP Tunnel Group : Josue_TG
Username : Josue Brenes Index : 6051
Group Policy : Linux_GP Tunnel Group : Linux_TG

In this case, user "jbrenesm" is connected and using Group Policy: Josue_GP, while user "Josue Brenes" uses Group Policy: Linux_GP.

Rate if it helps.

Regards,
Josue Brenes
TAC - VPN Engineer.

View solution in original post

Josue Brenes · ‎07-16-2020