Unanswered Question

Hi Guys

could u Please Explain what does it mean the below,pls in brief

Throughput                                       150 Mbps
Connections                                     10,000–25,000
VPN throughput                                 100 Mbps


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Jennifer Halim Mon, 05/17/2010 - 02:00

I am assuming that you are enquiring about ASA 5505 performance, so:

Throughput of 150Mbps means any clear text traffiic going through the ASA firewall, the maximum aggregated throughput is 150 Mbps.

Connections with base license is 10,000, ie: you can have up to 10,000 maximum connection concurrently, and with security plus license, it's 25,000 maximum connections concurrently.

Lastly, for all VPN connection terminating on the firewall, the aggregated throughput would be 100Mbps. This includes all types of VPN, ie: IPSec LAN-to-LAN tunnels, IPSec Remote access vpn, SSL VPN, Easy VPN.

Hope that helps.

Jennifer Halim Mon, 05/17/2010 - 02:22

The VPN throughput is for 3DES and AES encryption.

AES is the highest level of encryption that can be configured on the ASA.

Jennifer Halim Mon, 05/17/2010 - 02:38

If you will be terminating VPN on the ASA, you would like to find out how many IPSec VPN Client users will be connecting concurrently, as well as how many Lan-to-Lan VPN tunnels. With IPSec VPN on ASA 5505 - base license, you can only have 10 IPSec VPN tunnels, and with security plus license, you can only have up to 25 VPN tunnels (it includes both lan-to-lan tunnel as well as remote access vpn client).

If you would be terminating SSL on the ASA, it only comes with 2 default SSL license, and if you need more SSL VPN tunnels, you would need to purchase extra SSL license. There is also a maximum number of SSL VPN supported for each ASA model.

With ASA 5505, it provides 8 switchports, instead of normal routed port that you might want to be aware of. You also need to check how many VLANs you would like to terminate on the ASA as different models have different maximum VLANs supported.

Lastly, different ASA models also support expansion of AIP module (IPS), CSC module (Anti virus) and 4GE extra ports module

You might want to check out the ASA model comparison for all the ASA 5500 series model that has all the above information:




This Discussion