cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1331
Views
15
Helpful
4
Replies

TERMINATE ALL ANYCONNECT SESSIONS AT A PARTICULAR TIME OF THE DAY EVERYDAY

Jesutofunmi O
Level 1
Level 1

Hello Guys, 

 

So I am looking for a way to terminate all AnyConnect sessions on my Cisco ASA at 7pm everyday. How can I achieve this please?

Patiently awaiting your response. 

 

Thank you!

4 Replies 4

@Jesutofunmi O You can achieve this using an EEM script, here is the syntax:-

Disconnect All VPN Existing Connections at a Certain Time

The ASA does not have a way to set a hard cut off time for VPN sessions. However you do this with EEM. This example demonstrates how to dicsonnect both VPN Clients and Anyconnect Clients at 5:00 PM

event manager applet VPN-Disconnect
event timer absolute time 17:00:00
action 1 cli command "vpn-sessiondb logoff ra-ikev1-ipsec noconfirm"
action 2 cli command "vpn-sessiondb logoff anyconnect noconfirm"
output none

 https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118087-technote-asa-00.html

 

Hello Rob, 

 

Thanks for responding.
I only wish to disconnect AnyConnect clients but have other tunnels up. I guess I'll just exclude the line below:

 action 1 cli command "vpn-sessiondb logoff ra-ikev1-ipsec noconfirm"

 

@Jesutofunmi O Yes, just omit that first action. That example guide is old, so it's unlikely you'll have any ra-ikev1-ipsec clients.

Thanks Rob. I have checked, I have no ra-ikev1-ipsec clients
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: