Cisco FirePOWER ASA 5500 series Configuration Manual page 538

Viewing L2TP over IPSec Connection Information
Login Time
Duration
Filter Name
NAC Result
Posture Token:
IKE Sessions: 1
IPSec Sessions: 1
L2TPOverIPSec Sessions: 1
IKE:
Session ID
UDP Src Port : 500
IKE Neg Mode : Main
Encryption
Rekey Int (T): 28800 Seconds
D/H Group
IPSec:
Session ID
Local Addr
Remote Addr
Encryption
Encapsulation: Transport
Rekey Int (T): 3600 Seconds
Rekey Int (D): 95000 K-Bytes
Idle Time Out: 30 Minutes
Bytes Tx
Pkts Tx
L2TPOverIPSec:
Session ID
Username
Assigned IP
Encryption
Idle Time Out: 30 Minutes
Bytes Tx
Pkts Tx
The following example shows the details of a single L2TP over IPSec over NAT connection:
hostname# show vpn-sessiondb detail remote filter protocol L2TPOverIPSecOverNAtT
Session Type: Remote Detailed
Username
Index
Assigned IP
Protocol
Hashing
Bytes Tx
Client Type
Group Policy : DfltGrpPolicy
Tunnel Group : l2tpcert
Login Time
Duration
Filter Name
NAC Result
Posture Token:
IKE Sessions: 1
Cisco Security Appliance Command Line Configuration Guide
28-6
: 13:24:48 UTC Thu Mar 30 2006
: 1h:09m:18s
: #ACSACL#-IP-ACL4Clients-440fa5aa
: N/A
: 1
: 3DES
: 2
: 2
: 80.208.1.2/255.255.255.255/17/1701
: 70.208.1.212/255.255.255.255/17/1701
: 3DES
: 419064
: 4201
: 3
: l2tp
: 90.208.1.200
: none
: 301386
: 4198
: v_gonzalez
: 2
: 90.208.1.202
: L2TPOverIPSecOverNatT
: MD5
: 1009
:
: 14:35:15 UTC Thu Mar 30 2006
: 0h:00m:07s
:
: N/A
Chapter 28
UDP Dst Port : 500
Auth Mode : preSharedKeys
Hashing : SHA1
Rekey Left(T): 24643 Seconds
Hashing : SHA1
Rekey Left(T): 2856 Seconds
Rekey Left(D): 95000 K-Bytes
Idle TO Left : 30 Minutes
Bytes Rx : 425040
Pkts Rx : 4227
Auth Mode : PAP
Idle TO Left : 30 Minutes
Bytes Rx : 306480
Pkts Rx : 4224
Public IP : 70.208.1.2
Encryption : 3DES
Bytes Rx : 2241
Client Ver :
Configuring L2TP over IPSec
OL-10088-01