Limit bandwidth for specific VPN (IPsec LAN-to-LAN) Tunnel

Unanswered Question
Feb 1st, 2008

I have been asked to investigate the possibility of limiting the bandwidth of a single IPsec LAN-to-LAN VPN tunnel during normal business hours. I'm not too familiar with setting policies on the ASA-5520 [ver 7.2(2)].

Any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

Concerning the session establishment rate and if a SEP-E is installed, then the number of simultaneous concurrent IKE session negotiation limit is 40. If no SEP/SEP-E present, then the limit is 15. It has more to do with limiting P1 connect storms that could deplete system resources (mainly key generation capacity) if unchecked. Remote Access sessions from software VPN Clients >4.0 will only use 2 IPSec SAs even if configured for split tunneling. Pre-4.0 software clients and hardware clients will generate separate IPSec SAa for each split network, if configured. Limiting resource is memory.So it is totally depends on your network topology and traffic.


This Discussion