Skip to main content



Cisco Defense Orchestrator

Terminate Active Remote Access VPN Sessions on FTD

Currently, it is not possible to terminate RA VPN sessions on an FTD using the CDO interface. Instead, you can connect to the FTD CLI using SSH and disconnect the desired user. You can perform this task on an online FTD device onboarded to CDO. 

CDO provides a VPN Sessions Manager user role to allow users to view and terminate VPN sessions. See User Roles for more information. 

  1. Log on to FDM and use the device CLI as explained in the Logging Into the Command Line Interface (CLI) section of the "Getting Started" chapter of the Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager for the version your device is running. 
  2. Execute the vpn-sessionsdb logoff {name} command replacing 'name' with the user name.
    This command terminates all sessions for the username that you specify.
  • Was this article helpful?