VPN Statistics
The ACL tab displays the ACL containing the ACEs that matched the session.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
Cluster Loads
Use this pane to view the current traffic load distribution among the servers in a VPN load-balancing
cluster. If the server is not part of a cluster, you receive an information message saying that this server
does not participate in a VPN load-balancing cluster.
Fields
•
Cisco ASA 5500 Series Configuration Guide using ASDM
70-8
Posture Token—Informational text string configurable on the Access Control Server. The ACS
–
downloads the posture token to the adaptive security appliance for informational purposes to aid
in system monitoring, reporting, debugging, and logging. A typical posture token is Healthy,
Checkup, Quarantine, Infected, or Unknown.
Redirect URL—Following posture validation or clientless authentication, the ACS downloads
–
the access policy for the session to the adaptive security appliance. The Redirect URL is an
optional part of the access policy payload. The adaptive security appliance redirects all HTTP
(port 80) and HTTPS (port 443) requests for the remote host to the Redirect URL if it is present.
If the access policy does not contain a Redirect URL, the adaptive security appliance does not
redirect HTTP and HTTPS requests from the remote host.
Redirect URLs remain in force until either the IPSec session ends or until posture revalidation,
for which the ACS downloads a new access policy that can contain a different redirect URL or
no redirect URL.
More—Press this button to revalidate or initialize the session or tunnel group.
Security Context
Transparent Single
—
•
VPN Cluster Loads—Displays the current load distribution in the VPN load-balancing cluster.
Clicking a column heading sorts the table, using the selected column as the sort key.
Public IP Address—Displays the externally visible IP address for the server.
–
Role—Indicates whether this server is a master or backup device in the cluster.
–
Priority—Shows the priority assigned to this server in the cluster. The priority must be an
–
integer in the range of 1 (lowest) to 10 (highest). The priority is used in the master-election
process as one way to determine which of the devices in a VPN load-balancing cluster becomes
the master or primary device for the cluster.
–
Model—Indicates the adaptive security appliance model name and number for this server.
–
IPSec Load %—Indicates what percentage of a server's total capacity is in use, based upon the
capacity of that server.
–
SSL Load %—Indicates what percentage of a SSL server's total capacity is in use, based upon
the capacity of that server.
–
IPSec Sessions—Shows the number of currently active sessions.
Multiple
Context
System
—
—
Chapter 70
Monitoring VPN
OL-20339-01