Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
905
Views
0
Helpful
1
Replies

Limit bandwidth for specific VPN (IPsec LAN-to-LAN) Tunnel

algoetz
Level 1
Level 1

‎02-01-2008 08:04 AM - edited ‎02-21-2020 03:31 PM

I have been asked to investigate the possibility of limiting the bandwidth of a single IPsec LAN-to-LAN VPN tunnel during normal business hours. I'm not too familiar with setting policies on the ASA-5520 [ver 7.2(2)].

Any ideas?

Labels:
0 Helpful
1 Reply 1

wong34539
Level 6
Level 6

‎02-07-2008 11:38 AM

Concerning the session establishment rate and if a SEP-E is installed, then the number of simultaneous concurrent IKE session negotiation limit is 40. If no SEP/SEP-E present, then the limit is 15. It has more to do with limiting P1 connect storms that could deplete system resources (mainly key generation capacity) if unchecked. Remote Access sessions from software VPN Clients >4.0 will only use 2 IPSec SAs even if configured for split tunneling. Pre-4.0 software clients and hardware clients will generate separate IPSec SAa for each split network, if configured. Limiting resource is memory.So it is totally depends on your network topology and traffic.

0 Helpful
Customers Also Viewed These Support Documents