husycisco Mon, 02/25/2008 - 07:47
User Badges:
  • Gold, 750 points or more

Hi Max

You can run "sh ver" and see "Inside Hosts". Usually, it is "Unlimited" in most of license types. This is license limitations

As configuration limitations, It actually depends on your concurrent traffic between interfaces. More translation sessions, routing, more CPU and NVRAM utilization. There are no certain limitations.


Regards

Massimo Baschieri Mon, 02/25/2008 - 11:08
User Badges:

Hi Huseyin,

I'm interested in configuration limitations, I can understand limitations due to nvram size, but I cannot understand limitations due to cpu utilitazion and active sessions.

What I exactly need to know is, provided that the nvram is big enought to host, lets say, 1000 vpn internal users on an Asa5010, is there any limitations other than the 250 max concurrent connections?

Exept for the exhaustion of the nvram, is there any other limit after that I simply cannot add any further user?

Tnx,

Max.

Massimo Baschieri Tue, 02/26/2008 - 08:37
User Badges:

Hi Huseyin,

if you are referring to the detail about "ipsec vpn peers" I'm pretty sure it has to read as "concurrent ipsec connections" as it historically refers to the active isakmp sa's.

Are you aware of the fact that they may match also with the max users configurable on the internal database, that is the running config?

In other words, are you saying that in an asa5510 you can configure 250 internal users then the 250 + 1 is not allowed to be entered even if the nvram is used only for the half of its room?

Tnx,

Max.

Actions

This Discussion