Cisco ASA – Find Out VPN Tunnel Uptime

KB ID 0000863 Dtd 30/09/13

Problem

I needed to get the Uptime/Duration of a particular VPN tunnel this week. It was for a client with multiple VPN tunnels that was having problems with just one.

Solution

Option 1 via Command Line

1. Connect to to the firewall > Go to enable mode and use the following command, replace 123.123.123.123 with the IP of your VPN endpoint.

Sent username "PeteLong" Type help or ‘?’ for a list of available commands. PetesASA> PetesASA> enable Password: ******** PetesASA# show vpn-sessiondb l2l filter name 123.123.123.123 | incl Duration Duration : 0h:08m:26s <<<<<<< PetesASA#

If you want a LOT MORE information use the following command;

PetesASA# show vpn-sessiondb detail l2l filter name 123.123.123.123

Session Type: LAN-to-LAN Detailed

Connection : 123.123.123.123 Index : 312 IP Addr : 123.123.123.123 Protocol : IKEv1 IPsec Encryption : IKEv1: (1)3DES IPsec: (1)3DES Hashing : IKEv1: (1)SHA1 IPsec: (1)SHA1 Bytes Tx : 18999 Bytes Rx : 26267 Login Time : 14:20:36 UTC Mon Sep 30 2013 Duration : 0h:32m:55s <<<<<<< IKEv1 Tunnels: 1 IPsec Tunnels: 1

IKEv1: Tunnel ID : 312.1 UDP Src Port : 500 UDP Dst Port : 500 IKE Neg Mode : Main Auth Mode : preSharedKeys Encryption : 3DES Hashing : SHA1 Rekey Int (T): 86400 Seconds Rekey Left(T): 84425 Seconds D/H Group : 2 Filter Name : IPv6 Filter :

IPsec: Tunnel ID : 312.2 Local Addr : 10.254.254.0/255.255.255.0/0/0 Remote Addr : 172.16.254.0/255.255.255.0/0/0 Encryption : 3DES Hashing : SHA1 Encapsulation: Tunnel PFS Group : 2 Rekey Int (T): 28800 Seconds Rekey Left(T): 26825 Seconds Rekey Int (D): 4608000 K-Bytes Rekey Left(D): 4607975 K-Bytes Idle Time Out: 30 Minutes Idle TO Left : 26 Minutes Bytes Tx : 18999 Bytes Rx : 26267 Pkts Tx : 94 Pkts Rx : 114

NAC: Reval Int (T): 0 Seconds Reval Left(T): 0 Seconds SQ Int (T) : 0 Seconds EoU Age(T) : 2000 Seconds Hold Left (T): 0 Seconds Posture Token: Redirect URL :

PetesASA#

Option 2 Via the ASDM

1. Connect to the ASDM > Monitoring > VPN > Sessions > Select the one you are interested in > Logon time Duration.

ASDM VPN Uptime

Related Articles, References, Credits, or External Links

NA

Author: Migrated

Share This Post On