07-29-2007 04:30 AM - edited 03-11-2019 03:50 AM
in the ASA specs there is number of users ( in the ASA5505 = 10), what these users indicates, is it the total users can login to the ASA at the same time? plz help
07-29-2007 04:46 AM
Hi
I'm assuming you are referring to these figures ?
Feature Description
Firewall throughput Up to 150 Mbps
VPN throughput Up to 100 Mbps
Concurrent sessions 10,000/25,000*
IPsec VPN peers 10; 25*
What this means is that you can have 10 at most VPN connections (25 with Security plus license). These VPN connections can be a mixture of site-to-site VPN & remote access VPN's but in total they must not exceed 10.
For non-vpn use the ASA5505 supports 10,000 concurrent connections or 25,000 with the Security Plus license. So you can support up to 25,000 separate connections at any one time.
HTH
Jon
07-29-2007 09:50 AM
jon
thanks for answer, but not this what i mean, see ASA5505 specs below:
Cisco ASA 5505 10 User Firewall Edition Bundle
Includes: 10 users, 8-port Fast Ethernet switch with 2 Power over Ethernet ports,
10 IPSec VPN peers, 2 SSL VPN peers, Triple Data Encryption.
i mean what 10 users mean in the begining.
07-29-2007 04:32 PM
That means 10 inside hosts are permitted.
07-30-2007 01:22 AM
Thanks froggy
But do you mean only 10 inside hosts can work behind the ASA?!!
Sorry, but I guess this is not correct because with Nat concept that used by the ASA can serve more than 10
07-29-2007 10:30 PM
10 is the maximum IPSEC site-to-site and remote access VPN user sessions.
The 2 SSL VPN remote access that included is for evaluation and remote management purposes.
07-30-2007 01:17 AM
medan
thanks for answer, but not this what i mean, see ASA5505 specs below:
Cisco ASA 5505 10 User Firewall Edition Bundle
Includes: 10 users, 8-port Fast Ethernet switch with 2 Power over Ethernet ports,
10 IPSec VPN peers, 2 SSL VPN peers, Triple Data Encryption.
i mean what 10 users means in the begining.
07-30-2007 03:15 AM
I think this is the number of concurrent ssl/ipsec vpn users (client to site vpn).
see if this url is useful for your reference
http://www.cisco.com/en/US/products/ps6120/products_data_sheet0900aecd80402e3f.html#wp9000021
rgds
07-30-2007 06:50 AM
***Cisco ASA 5505 10 User Firewall Edition Bundle
- Is the description of the bundle in which "10 User" means includes 10 user license
remote access IPSec VPN
***Includes
- This are the feature/modules included in the bundle in more detail.
- The "10 users" is again 10 user license remote access IPSec VPN
- The "10 IPSec VPN peers" is the maximum site-to-site IPSec VPN
- The "2 SSL VPN peers" is for evaluation and remote management purposes
- "Triple Data Encryption" is also known as IPSec 3DES which indicates IPSec 3DES license
07-30-2007 04:19 AM
This talks about the Pix line but I think it is the same for the ASA's:
User Licenses
Cisco PIX 501 Security Appliances, a popular security solution for Small Office/Home Office network environments, support User Licenses. This license controls how many internal users (located on the inside network of a Cisco PIX Security Appliance) that can concurrently access the Internet, or other resources through the outside interface of the appliance. Supported license levels include: 10 users, 50 users, and unlimited users. Cisco Systems provides three different pre-configured bundles of the Cisco PIX 501 Security Appliance, making it easy for businesses to purchase an appliance with the appropriate User License installed. Businesses can upgrade from one User License level to another, as their needs grow, by purchasing the appropriate User License upgrade part number.
07-30-2007 04:27 AM
I think it's the number of users allowed to make outbound connections through the pix/asa. the number of VPN users is not included in this number.
If you have a 10 user license, once 10 inside hosts initiate outbound connections, the 11th host will fail. This has nothing to do with internal hosts communicating among one another.
typing this makes me wonder if having an internal proxy server would be one way to bypass this restriction. hrmm.....
07-30-2007 08:17 AM
thanks very much h.parsons
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: