VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring, Release 4.7 - Sessions [Cisco VPN 3000 Series Concentrators]

Table Of Contents

Sessions

Monitoring | Sessions

Screen Elements

Detail

Protocols

Screen Elements

SEPs

Screen Elements

Encryption

Screen Elements

Top Ten Lists

Top Ten Lists | Data

Screen Elements

Top Ten Lists | Duration

Screen Elements

Top Ten Lists | Throughput

Screen Elements

Sessions

Monitoring | Sessions

The following screen shows comprehensive data for all active user and administrator sessions on the VPN Concentrator.

Figure 17-1 Monitoring | Sessions Screen

Screen Elements

The fields on this screen are the same as those provided for Administration | Administer Sessions, except that this screen does not provide administrative options. See the documentation for the Administration | Administer Sessions screen for an explanation of the fields found here. The following Administration screen elements are not on this Monitoring screen:

•Logout All

•NAC Revalidate All and Reinitialize All

•Actions

Additional Information

The Monitoring | Sessions screen provides protocol and encryption information for LAN-to-LAN, Remote Access, and Management sessions. See Monitoring | Sessions | Protocols for a graphical representation of sessions by protocol. See Monitoring | Sessions | Encryption for a graphical representation of sessions by encryption algorithm used.

Detail

These Manager screens show detailed parameters and statistics for a specific remote-access or LAN-to-LAN session. These screens are identical to Administration | Administer Sessions | Administer Sessions | Detail. For information, see the Administration screen.

The Manager displays the appropriate screen when you click a highlighted connection name or username on the Monitoring | Sessions screen.

See Table 2-2 for definitions of the possible session detail parameters, in alphabetical order.

Protocols

This screen graphically displays the protocols used by currently active user and administrator sessions on the VPN Concentrator.

Figure 17-2 Monitoring | Sessions | Protocols Screen

Screen Elements

•Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated.

•Group — Choose a group from the menu to show protocols used by currently active users in that group only. The default value is --All--, which displays protocols for users in all groups.

•Active Sessions — The number of currently active sessions.

•Total Sessions — The total number of sessions since the VPN Concentrator was last booted or reset.

•Protocol — The protocol that the session is using:

–Console = Directly connected console; no protocol

–Debug/Console = Debugging via console (for Cisco use only)

–Debug/Telnet = Debugging via Telnet (for Cisco use only)

–FTP = File Transfer Protocol

–HTTP = Hypertext Transfer Protocol (web browser)

–IMAP4S E-Mail = E-Mail proxy connection over IMAP4S

–IPSec = Internet Protocol Security tunneling protocol (remote-access users)

–IPSec/LAN-to-LAN = IPSec LAN-to-LAN connection

–IPSec/LAN-to-LAN/NAT-T = IPSec LAN-to-LAN connection over NAT Traversal

–IPSec/NAT-T = IPSec over NAT Traversal

–IPSec/TCP = IPSec through NAT (Network Address Translation) via TCP

–IPSec/UDP = IPSec through NAT (Network Address Translation) via UDP

–L2TP = Layer 2 Tunneling Protocol

–L2TP/IPSec = L2TP over IPSec

–L2TP/IPSec/NAT-T = L2TP/IPSec connection over NAT Traversal

–Other = Protocol other than those listed here

–POP3S E-Mail= E-Mail proxy connection over POP3S

–PPTP = Point-to-Point Tunneling Protocol

–SMTPS E-Mail = E-Mail proxy connection over SMTPS

–SNMP = Simple Network Management Protocol

–SSH = Secure SHell protocol

–Telnet = Terminal emulation protocol

–TFTP = Trivial File Transfer Protocol

–VCA/IPSec = Virtual Cluster Agent via IPSec (For Cisco use only.)

–WebVPN = SSL VPN

•Sessions — The number of active sessions using this protocol. The sum of this column equals the total number of Active Sessions shown above.

•Bar Graph — The percentage of sessions using this protocol relative to the total active sessions, as a horizontal bar graph. Each segment of the bar in the column heading represents 25 percent.

•Percentage — The percentage of sessions using this protocol relative to the total active sessions, as a number. The sum of this column equals 100 percent (rounded).

SEPs

Note This screen appears on models 3015-3080 only.

This screen graphically displays the SEP (Scalable Encryption Processing) or SEP-E (Enhanced SEP) modules used by currently active user and administrator sessions on the VPN Concentrator. SEP modules perform data encryption functions in hardware.

Figure 17-3 Monitoring | Sessions | SEPs Screen

Screen Elements

•Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated.

•Group — Choose a group from the menu to display SEP modules for that group only. The default value is --All--, which displays SEP modules for all groups.

•Active Sessions — The number of currently active sessions.

•Total Sessions — The total number of sessions since the VPN Concentrator was last booted or reset.

•SEP — The SEP module that the sessions are using.

–Not on SEP = using software encryption, or not using encryption.

–1, 2, 3, 4 = SEP module 1, 2, 3, and 4, respectively.

•Sessions — The number of active sessions using this SEP module. The sum of this column equals the total number of Active Sessions shown above.

•Bar Graph — The percentage of sessions using this SEP module relative to the total active sessions, as a horizontal bar graph. Each segment of the bar in the column heading represents 25 percent.

•Percentage — The percentage of sessions using this SEP module relative to the total active sessions, as a number. The sum of this column equals 100 percent (rounded).

Encryption

This screen graphically displays the data encryption algorithms used by currently active user and administrator sessions on the VPN Concentrator.

Figure 17-4 Monitoring | Sessions | Encryption Screen

Screen Elements

•Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated.

•Group — Choose a group from the menu to monitor data encryption algorithms used by currently active users in that group only. The default value is --All--, which displays data encryption algorithms for all groups.

•Active Sessions — The number of currently active sessions.

•Total Sessions — The total number of sessions since the VPN Concentrator was last booted or reset.

•Encryption — The data encryption algorithm that the sessions are using:

–None = no data encryption

–Other = other than listed below

–3DES-168 = Triple-DES encryption with a 168-bit key

–3DES-168 TLSv1 = Triple-DES algorithm with a 168-bit key and Transport Layer Security Version 1

–AES-128 = Advanced Encryption Standard (AES) encryption with a 128-bit key

–AES-192 = AES encryption with a 192-bit key

–AES-256 = AES encryption with a 256-bit key

–DES-40 = Data Encryption Standard encryption with a 56-bit key, 40 bits of which are private

–DES-56 = DES algorithm with a 56-bit key

–DES-56 TLSv1= DES algorithm with a 56-bit key and Transport Layer Security Version 1

–RC4-40 Stateful = RSA RC4 encryption with a 40-bit key, and with keys changed after some number of packets or whenever a packet is lost

–RC4-40 Stateless = RSA RC4 encryption with a 40-bit key, and with keys changed on every packet

–RC4-128 Stateful = RSA RC4 encryption with a 128-bit key, and with keys changed after some number of packets or whenever a packet is lost

–RC4-128 Stateless = RSA RC4 encryption with a 128-bit key, and with keys changed on every packet

–RC4-128 TLSv1 = RSA RC4 encryption with a 128-bit key and Transport Layer Security Version 1

•Sessions — The number of active sessions using this encryption algorithm. The sum of this column equals the total number of Active Sessions shown above.

•Bar Graph — The percentage of sessions using this encryption algorithm relative to the total active sessions, as a horizontal bar graph. Each segment of the bar in the column heading represents 25 percent.

•Percentage — The percentage of sessions using this encryption algorithm relative to the total active sessions, as a number. The sum of this column equals 100 percent (rounded).

Top Ten Lists

This section of the Manager shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by:

•Data: total bytes transmitted and received.

•Duration: total time connected.

•Throughput: average throughput (bytes/sec).

Figure 17-5 Monitoring | Sessions | Top Ten Lists Screen

Top Ten Lists | Data

This screen shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by data, total bytes transmitted and received.

Figure 17-6 Monitoring | Sessions | Top Ten Lists | Data Screen

Screen Elements

•Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated.

•Group (list box) — Choose a group from the menu to show session statistics for that group only. The default value is --All--, which displays session statistics for all groups.

•Username — The login username for the session.

•Group — The user's group.

•IP Address — The IP address of the session user. This is the address assigned to or supplied by a remote user, or the host address of a networked user. Local identifies the console directly connected to the VPN Concentrator.

•Protocol — The protocol that the session is using. Refer to the list under Protocols.

•Encryption — The data encryption algorithm that the session is using. See Encryption.

•Login Time — The date and time that this session logged in: MM/DD/YYYY HH:MM:SS. Time is in 24-hour notation.

•Total Bytes — The total number of bytes transmitted and received by this session. N/A = the session is not passing data, in other words, it is an administrator session.

Top Ten Lists | Duration

This screen shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by duration: total time connected.

Figure 17-7 Monitoring | Sessions | Top Ten Lists | Duration Screen

Screen Elements

•Most are the same as those listed for Top Ten Lists | Data. Refer to that section of the documentation.

•Duration — The total amount of time that this session has been connected: HH:MM:SS.

Top Ten Lists | Throughput

This screen shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by average throughput (bytes/sec).

Figure 17-8 Monitoring | Sessions | Top Ten Lists | Throughput Screen

Screen Elements

•Most are the same as those listed for Top Ten Lists | Data. Refer to that section of the documentation.

•Avg. Throughput (bytes/sec) — The average throughput of the session, which is [total bytes transmitted and received] divided by total connect time. N/A = the session is not passing data, in other words, it is an administrator session.

	VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring, Release 4.7
	Sessions
VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring, Release 4.7 A PDF Version of the Entire Book Preface Administration Administer Sessions Software Update System Reboot Reboot Status Ping Traceroute Monitoring Refresh Access Rights File Management Certificate Management Monitoring Routing Table Dynamic Filters Filterable Event Log System Status Sessions Statistics Using the Comand-Line Interface Troubleshooting and System Errors Copyrights, Licenses, and Notices Index	Download this chapter Sessions Table Of Contents Sessions Monitoring \| Sessions Screen Elements Detail Protocols Screen Elements SEPs Screen Elements Encryption Screen Elements Top Ten Lists Top Ten Lists \| Data Screen Elements Top Ten Lists \| Duration Screen Elements Top Ten Lists \| Throughput Screen Elements Sessions Monitoring \| Sessions The following screen shows comprehensive data for all active user and administrator sessions on the VPN Concentrator. Figure 17-1 Monitoring \| Sessions Screen Screen Elements The fields on this screen are the same as those provided for Administration \| Administer Sessions, except that this screen does not provide administrative options. See the documentation for the Administration \| Administer Sessions screen for an explanation of the fields found here. The following Administration screen elements are not on this Monitoring screen: •Logout All •NAC Revalidate All and Reinitialize All •Actions Additional Information The Monitoring \| Sessions screen provides protocol and encryption information for LAN-to-LAN, Remote Access, and Management sessions. See Monitoring \| Sessions \| Protocols for a graphical representation of sessions by protocol. See Monitoring \| Sessions \| Encryption for a graphical representation of sessions by encryption algorithm used. Detail These Manager screens show detailed parameters and statistics for a specific remote-access or LAN-to-LAN session. These screens are identical to Administration \| Administer Sessions \| Administer Sessions \| Detail. For information, see the Administration screen. The Manager displays the appropriate screen when you click a highlighted connection name or username on the Monitoring \| Sessions screen. See Table 2-2 for definitions of the possible session detail parameters, in alphabetical order. Protocols This screen graphically displays the protocols used by currently active user and administrator sessions on the VPN Concentrator. Figure 17-2 Monitoring \| Sessions \| Protocols Screen Screen Elements •Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated. •Group — Choose a group from the menu to show protocols used by currently active users in that group only. The default value is --All--, which displays protocols for users in all groups. •Active Sessions — The number of currently active sessions. •Total Sessions — The total number of sessions since the VPN Concentrator was last booted or reset. •Protocol — The protocol that the session is using: –Console = Directly connected console; no protocol –Debug/Console = Debugging via console (for Cisco use only) –Debug/Telnet = Debugging via Telnet (for Cisco use only) –FTP = File Transfer Protocol –HTTP = Hypertext Transfer Protocol (web browser) –IMAP4S E-Mail = E-Mail proxy connection over IMAP4S –IPSec = Internet Protocol Security tunneling protocol (remote-access users) –IPSec/LAN-to-LAN = IPSec LAN-to-LAN connection –IPSec/LAN-to-LAN/NAT-T = IPSec LAN-to-LAN connection over NAT Traversal –IPSec/NAT-T = IPSec over NAT Traversal –IPSec/TCP = IPSec through NAT (Network Address Translation) via TCP –IPSec/UDP = IPSec through NAT (Network Address Translation) via UDP –L2TP = Layer 2 Tunneling Protocol –L2TP/IPSec = L2TP over IPSec –L2TP/IPSec/NAT-T = L2TP/IPSec connection over NAT Traversal –Other = Protocol other than those listed here –POP3S E-Mail= E-Mail proxy connection over POP3S –PPTP = Point-to-Point Tunneling Protocol –SMTPS E-Mail = E-Mail proxy connection over SMTPS –SNMP = Simple Network Management Protocol –SSH = Secure SHell protocol –Telnet = Terminal emulation protocol –TFTP = Trivial File Transfer Protocol –VCA/IPSec = Virtual Cluster Agent via IPSec (For Cisco use only.) –WebVPN = SSL VPN •Sessions — The number of active sessions using this protocol. The sum of this column equals the total number of Active Sessions shown above. •Bar Graph — The percentage of sessions using this protocol relative to the total active sessions, as a horizontal bar graph. Each segment of the bar in the column heading represents 25 percent. •Percentage — The percentage of sessions using this protocol relative to the total active sessions, as a number. The sum of this column equals 100 percent (rounded). SEPs Note This screen appears on models 3015-3080 only. This screen graphically displays the SEP (Scalable Encryption Processing) or SEP-E (Enhanced SEP) modules used by currently active user and administrator sessions on the VPN Concentrator. SEP modules perform data encryption functions in hardware. Figure 17-3 Monitoring \| Sessions \| SEPs Screen Screen Elements •Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated. •Group — Choose a group from the menu to display SEP modules for that group only. The default value is --All--, which displays SEP modules for all groups. •Active Sessions — The number of currently active sessions. •Total Sessions — The total number of sessions since the VPN Concentrator was last booted or reset. •SEP — The SEP module that the sessions are using. –Not on SEP = using software encryption, or not using encryption. –1, 2, 3, 4 = SEP module 1, 2, 3, and 4, respectively. •Sessions — The number of active sessions using this SEP module. The sum of this column equals the total number of Active Sessions shown above. •Bar Graph — The percentage of sessions using this SEP module relative to the total active sessions, as a horizontal bar graph. Each segment of the bar in the column heading represents 25 percent. •Percentage — The percentage of sessions using this SEP module relative to the total active sessions, as a number. The sum of this column equals 100 percent (rounded). Encryption This screen graphically displays the data encryption algorithms used by currently active user and administrator sessions on the VPN Concentrator. Figure 17-4 Monitoring \| Sessions \| Encryption Screen Screen Elements •Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated. •Group — Choose a group from the menu to monitor data encryption algorithms used by currently active users in that group only. The default value is --All--, which displays data encryption algorithms for all groups. •Active Sessions — The number of currently active sessions. •Total Sessions — The total number of sessions since the VPN Concentrator was last booted or reset. •Encryption — The data encryption algorithm that the sessions are using: –None = no data encryption –Other = other than listed below –3DES-168 = Triple-DES encryption with a 168-bit key –3DES-168 TLSv1 = Triple-DES algorithm with a 168-bit key and Transport Layer Security Version 1 –AES-128 = Advanced Encryption Standard (AES) encryption with a 128-bit key –AES-192 = AES encryption with a 192-bit key –AES-256 = AES encryption with a 256-bit key –DES-40 = Data Encryption Standard encryption with a 56-bit key, 40 bits of which are private –DES-56 = DES algorithm with a 56-bit key –DES-56 TLSv1= DES algorithm with a 56-bit key and Transport Layer Security Version 1 –RC4-40 Stateful = RSA RC4 encryption with a 40-bit key, and with keys changed after some number of packets or whenever a packet is lost –RC4-40 Stateless = RSA RC4 encryption with a 40-bit key, and with keys changed on every packet –RC4-128 Stateful = RSA RC4 encryption with a 128-bit key, and with keys changed after some number of packets or whenever a packet is lost –RC4-128 Stateless = RSA RC4 encryption with a 128-bit key, and with keys changed on every packet –RC4-128 TLSv1 = RSA RC4 encryption with a 128-bit key and Transport Layer Security Version 1 •Sessions — The number of active sessions using this encryption algorithm. The sum of this column equals the total number of Active Sessions shown above. •Bar Graph — The percentage of sessions using this encryption algorithm relative to the total active sessions, as a horizontal bar graph. Each segment of the bar in the column heading represents 25 percent. •Percentage — The percentage of sessions using this encryption algorithm relative to the total active sessions, as a number. The sum of this column equals 100 percent (rounded). Top Ten Lists This section of the Manager shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by: •Data: total bytes transmitted and received. •Duration: total time connected. •Throughput: average throughput (bytes/sec). Figure 17-5 Monitoring \| Sessions \| Top Ten Lists Screen Top Ten Lists \| Data This screen shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by data, total bytes transmitted and received. Figure 17-6 Monitoring \| Sessions \| Top Ten Lists \| Data Screen Screen Elements •Refresh — Click to update the screen and its data. The date and time indicate when the screen was last updated. •Group (list box) — Choose a group from the menu to show session statistics for that group only. The default value is --All--, which displays session statistics for all groups. •Username — The login username for the session. •Group — The user's group. •IP Address — The IP address of the session user. This is the address assigned to or supplied by a remote user, or the host address of a networked user. Local identifies the console directly connected to the VPN Concentrator. •Protocol — The protocol that the session is using. Refer to the list under Protocols. •Encryption — The data encryption algorithm that the session is using. See Encryption. •Login Time — The date and time that this session logged in: MM/DD/YYYY HH:MM:SS. Time is in 24-hour notation. •Total Bytes — The total number of bytes transmitted and received by this session. N/A = the session is not passing data, in other words, it is an administrator session. Top Ten Lists \| Duration This screen shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by duration: total time connected. Figure 17-7 Monitoring \| Sessions \| Top Ten Lists \| Duration Screen Screen Elements •Most are the same as those listed for Top Ten Lists \| Data. Refer to that section of the documentation. •Duration — The total amount of time that this session has been connected: HH:MM:SS. Top Ten Lists \| Throughput This screen shows statistics for the top 10 currently active VPN Concentrator sessions, sorted by average throughput (bytes/sec). Figure 17-8 Monitoring \| Sessions \| Top Ten Lists \| Throughput Screen Screen Elements •Most are the same as those listed for Top Ten Lists \| Data. Refer to that section of the documentation. •Avg. Throughput (bytes/sec) — The average throughput of the session, which is [total bytes transmitted and received] divided by total connect time. N/A = the session is not passing data, in other words, it is an administrator session.
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.