Verify ASA Remote Access VPN Configuration

After you configure the remote access VPN and deploy the configuration to the device, verify that you can make remote connections.

Procedure


Step 1

From an external network, establish a VPN connection using the AnyConnect client. Using a web browser, open https://ravpn-address, where ravpn-address is the IP address or hostname of the outside interface on which you are allowing VPN connections. If necessary, install the client software and complete the connection. See How Users Can Install the AnyConnect Client Software. If you configured group URLs, also try those URLs.

Step 2

In the Security Devices page, select the device (FTD or ASA) you want to verify and click Command Line Interface under Device Actions.

Step 3

Use the show vpn-sessiondb command to view summary information about current VPN sessions.

Step 4

The statistics should show your active AnyConnect Client session, and information on cumulative sessions, the peak concurrent number of sessions, and inactive sessions. Following is sample output from the command.

Step 5

Use the show vpn-sessiondb anyconnect command to view detailed information about current AnyConnect VPN sessions. Detailed information includes encryption used, bytes transmitted and received, and other statistics. If you use your VPN connection, you should see the bytes transmitted/received numbers change as you re-issue this command.

Step 6

Use the show vpn-sessiondb anyconnect command to view detailed information about current AnyConnect VPN sessions. Detailed information includes encryption used, bytes transmitted and received, and other statistics. If you use your VPN connection, you should see the bytes transmitted/received numbers change as you re-issue this command.