Solved: Show commands to check name of split tunnel ACL

Sheraz_35 · ‎07-22-2015

Hi,

I was wondering, if I wanted to check if any IPSEC or Anyconnect vpn's had been created and what split tunnel/VPN filter ACL's they are using what would be the commands to do this? I know I can do this through ASDM but I would like to know how to do it through CLI.

As today I needed to check what Split tunnel ACL a IPSEC vpn was using and did not know how to do it through CLI. Thanks

Boris Uskov · ‎07-22-2015

A good question!

I have the following two-step suggestion.

First step:

! For IPsec

show vpn-sessiondb ra-ikev1-ipsec

! For Anyconnect

show vpn-sessiondb anyconnect

There you'll find the names of group-policies.

Second step:

show runn group-policy <Group-Policy name from step 1> | i split

But if someone could point to a better solution, it'll be great :)

View solution in original post

Boris Uskov · ‎07-22-2015

A good question!

I have the following two-step suggestion.

First step:

! For IPsec

show vpn-sessiondb ra-ikev1-ipsec

! For Anyconnect

show vpn-sessiondb anyconnect

There you'll find the names of group-policies.

Second step:

show runn group-policy <Group-Policy name from step 1> | i split

But if someone could point to a better solution, it'll be great :)

Sheraz_35 · ‎07-31-2015

Hi Boris,

That was very helpful thanks!

I did

show vpn-sessiondb ra-ikev1-ipsec

found the name of the group policy then did

show run group-policy

And was able to see the name of the split tunnel ACL being used.

Additionally to see all the pools configured the command is "show ip local pool"

Thanks for your help.