10-31-2008 11:08 AM - edited 02-21-2020 03:04 AM
We have two VPN 3005 Concentrators. We setup as Load Balancing. I understand that each VPN Concentrator has a limit of 100 concurrent licenses. Does this license include IPSEC and site-to-site? How does VPN Concentrator count site-to-site license? Does it count the number of site-to-site connection or does it count the number of users connect to the site?
Thanks.
Diane
11-04-2008 02:39 AM
Each tunnel counts as one irrespective of the LAN users as long as you are using the default IPSEC settings. You can enable a separate tunnel for each flow (but that is not the default).
Regards
Farrukh
11-04-2008 08:53 PM
Thanks for your response. So, if I setup 10 site-to-site VPNs, it means I am using 10 licenses. How do I find out if I use default IPSEC settings on Site-to-Site?
Thanks.
Diane
11-04-2008 09:43 PM
The setting I was talking about is in the Tunnel >> IPSEC SA section. The default inheritance is 'From Rule'. Which means all LAN users are part of the same tunnel/session. If you change it to 'From Data' then each pair will have their own VPN session.
10 VPNs would be counted as 10 yes AFAIK using the default inheritance setting.
Please rate if helpful.
Regards
Farrukh
11-06-2008 02:04 PM
Thanks very much for your response and information.
Do I need to change anything on Maximum Active Sessions if I want to use both IPSEC and site-to-site VPN? Configuration -> System -> General -> Sessions. The default is 100 on Maximum Active Sessions and 50 on Maximum Active WebVPN Sessions. I am not setting up the WebVPN.
Thanks.
Diane
11-08-2008 05:51 AM
No the defaults should be OK, they are based on the model.
Regards
Farrukh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide