Chapter 3 Authentication for FortiOS 5.0 : Monitoring authenticated users : Monitoring SSL VPN users
  
Monitoring SSL VPN users
You can monitor web-mode and tunnel-mode SSL VPN users by username and IP address.
To monitor SSL VPN users, go to VPN > Monitor > SSL-VPN Monitor. To disconnect a user, select the user and then select the Delete icon.
Figure 127: Monitoring SSL VPN users
The first line, listing the username and IP address, is present for a user with either a web-mode or tunnel-mode connection. The Subsession line is present only if the user has a tunnel mode connection. The Description column displays the virtual IP address assigned to the user’s tunnel-mode connection.
For more information about SSL VPN, see the FortiOS Handbook SSL VPN chapter.
To monitor SSL VPN users - CLI
To list all of the SSL VPN sessions and their index numbers:
execute vpn sslvpn list
The output looks like this:
SSL-VPN Login Users:
 Index   User   Auth Type     Timeout        From     HTTPS in/out
 0       user1  1              256    172.20.120.51   0/0
 
SSL-VPN sessions:
 Index   User    Source IP      Tunnel/Dest IP
 0       user2   172.20.120.51  10.0.0.1
 
You can use the Index value in the following commands to disconnect user sessions:
To disconnect a tunnel-mode user
execute vpn sslvpn del-tunnel <index>
To disconnect a web-mode user
execute vpn sslvpn del-web <index>
You can also disconnect multiple users:
To disconnect all tunnel-mode SSL VPN users in this VDOM
execute vpn ssl del-all tunnel
To disconnect all SSL VPN users in this VDOM
execute vpn ssl del-all