To see the number of currently connected Remote Access users, run this command (in Expert mode) on the VPN Security Gateway:
[Expert@HostName]# fw tab -t userc_users -s
Note: Check the value in the #VALS column.
The following three kernel tables on VSX Security Gateway hold the Remote Access users' connection information:
- userc_users - This table holds Remote Access client's IP address. All connections from this IP address are expected to be encrypted.
- userc_rules - This table holds a list of rules that are relevant for Remote Access client and a list of IP addresses and sessions key (for optimization). Client encrypt rules check this table to see if the connection belongs to Remote Access clients. This table is accessed in order to verify that incoming packets from a Remote Access client are allowed. The entries in this table are based on the Remote Access client's internal (encapsulated) IP address, which may be different from the source IP address, if the Remote Access client is behind NAT.
- userc_key - This table is a map between the Remote Access IP address and the cryptographic aspect of the connection. This table maps the scheme (FWZ or ISAKMP), the client user name and the user DN, the last time the client was authenticated, whether subnets are used with this client, IKE authentication methods.
Imported from Nokia support database
This solution is about products that are no longer supported and it will not be updated