02-25-2008 02:37 AM - edited 02-21-2020 01:54 AM
Hi all,
anyone knows how's limit of the configurable internal users on an asa?
Is the nvram size the only limit or is there some other kind of limitation?
Tnx,
Max.
02-25-2008 07:47 AM
Hi Max
You can run "sh ver" and see "Inside Hosts". Usually, it is "Unlimited" in most of license types. This is license limitations
As configuration limitations, It actually depends on your concurrent traffic between interfaces. More translation sessions, routing, more CPU and NVRAM utilization. There are no certain limitations.
Regards
02-25-2008 11:08 AM
Hi Huseyin,
I'm interested in configuration limitations, I can understand limitations due to nvram size, but I cannot understand limitations due to cpu utilitazion and active sessions.
What I exactly need to know is, provided that the nvram is big enought to host, lets say, 1000 vpn internal users on an Asa5010, is there any limitations other than the 250 max concurrent connections?
Exept for the exhaustion of the nvram, is there any other limit after that I simply cannot add any further user?
Tnx,
Max.
02-26-2008 03:52 AM
Max,
Here is the document you are exactly looking for
Regards
02-26-2008 08:37 AM
Hi Huseyin,
if you are referring to the detail about "ipsec vpn peers" I'm pretty sure it has to read as "concurrent ipsec connections" as it historically refers to the active isakmp sa's.
Are you aware of the fact that they may match also with the max users configurable on the internal database, that is the running config?
In other words, are you saying that in an asa5510 you can configure 250 internal users then the 250 + 1 is not allowed to be entered even if the nvram is used only for the half of its room?
Tnx,
Max.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: