DocsYouTube ChannelDevNetCisco Defense Orchestrator DocsFirewall How To Community
Guides

Remote Access VPN Dashboard

Suggest Edits

Introduction

Cisco Secure Firewall Release 7.3 introduces the Remote Access Virtual Private Network (RAVPN) dashboard that enables administrators to monitor real-time data from active RA VPN sessions and additional details associated with these sessions on Secure Firewall Threat Defense devices.

The dashboard helps to determine issues related to user sessions and how to mitigate them along with providing identity certificate details for VPN gateways that can be used to proactively renew any soon-to-be-expiring certificates.

Dashboard Overview

The RA VPN dashboard is accessible on Secure Firewall Management Center by navigating to Overview > Dashboards > Remote Access VPN.

**Figure 1: ** RA VPN Dashboard

Figure 1: RA VPN Dashboard

The dashboard consists of the following widgets:

  1. Active Sessions (Map view)
  2. Active Sessions (Tabular View)
  3. Sessions
  4. Device Identity Certificates

Active Sessions (Map view)

This widget presents an interactive heat map of all the active RA VPN users connected to Secure Firewall Threat Defense devices managed by the Secure Firewall Management Center.

**Figure 2: ** Active Sessions (map view) widget within RA VPN Dashboard

Figure 2: Active Sessions (map view) widget within RA VPN Dashboard

This widget shows the user sessions based on their geolocation. Each country that has user sessions appears in a shade of blue, which is determined by the number of sessions within the country. The Sessions legend on the right determines the shade of blue for each country with RA VPN sessions.

**Figure 3: ** Legend for RA VPN sessions heat map

Figure 3: Legend for RA VPN sessions heat map

The administrators can hover the mouse pointer over the map to view the country name and the total number of active user sessions within the country.

**Figure 4: ** Country-specific RA VPN user session details

Figure 4: Country-specific RA VPN user session details

The map also includes options for zooming in, zooming out, and resetting in the top right corner.

Active Sessions (Tabular View)

This widget shows the following details of all the RA VPN users in a tabular format:

  1. Username
  2. Assigned IP
  3. Public IP
  4. Login Time
  5. Gateway on which RA VPN session is established
  6. Country
  7. Client Application
  8. Client OS
  9. Connection Profile
  10. Group-policy
**Figure 5: ** Active RA VPN user sessions in Tabular Format

Figure 5: Active RA VPN user sessions in Tabular Format

All the sessions can be filtered based on the above attributes except Login Time to narrow down the search.

**Figure 6: ** Filtering options within Active Sessions widget

Figure 6: Filtering options within Active Sessions widget

In the scenarios where an unauthorized user(s) are connected to VPN gateways, this widget allows administrators to terminate the session(s) based on different options.

To terminate a session, click on three dots under the Actions column and select one of the following options:

  • Terminate a session of a specific user
  • Terminate all sessions of a specific user connected to a specific VPN gateway.
  • Terminate all sessions that are connected to a specific VPN gateway.
**Figure 7: ** Terminating unauthorized RA VPN user session

Figure 7: Terminating unauthorized RA VPN user session

Once selected, acknowledge the confirmation dialog pop-up to confirm session termination.

**Figure 8: ** Session Termination pop-up window

Figure 8: Session Termination pop-up window

Sessions

This widget shows the holistic view of overall RA VPN sessions present on all the Secure Firewall Threat Defense devices. The widget shows the total session count and the session count per type selected.

**Figure 9: ** Sessions widget displaying total sessions and sessions by type

Figure 9: Sessions widget displaying total sessions and sessions by type

Within the Sessions widget, click on the drop-down menu to view all the available options. The sessions can be grouped together based on Device, Encryption Type, Cisco Secure Client version, Operating System, and Connection Profile.

**Figure 10: ** Available filtering options within the Sessions widget

Figure 10: Available filtering options within the Sessions widget

Device Identity Certificates

To aid administrators in the monitoring certificates associated with Secure Firewall Threat Defense devices as VPN gateways, this widget displays details regarding the identity certificates issued to FTD devices.

Another key capability within the dashboard is the information it shows about any expired certificates and the certificates that are due for expiry within a month. Administrators can click View Details to navigate to Device > Certificates that lists certificate details with a filter set to Expiry in a month in order to renew the certificates.

**Figure 11: ** Device Identity Certificates widget

Figure 11: Device Identity Certificates widget

Summary

The new RA VPN Dashboard provides real-time monitoring of active RA VPN sessions and efficient identity certificate management for Secure Firewall Threat Defense devices. Administrators can leverage the dashboard to review details of their active RA VPN sessions, terminate unauthorized sessions, and proactively renew identity certificates that are about to expire.

📚Additional Resources

To learn more about the RA VPN dashboard, please refer to the following guide:

Updated almost 2 years ago

© 2024 Cisco Systems, Inc.
Title of the document The current suggested release is 7.4.2 Check out our new 7.6 Release Overview video.