I knew there was a limit to the number of simultaneous sessions but never knew about a limit to the number of defined users. I have several hundred users but am using NT Domain and AD for authentication though.
I am using the Cisco internal user database. Are you using a RADIUS server or just using straight authentication through Kerberos/Active Directory? I have always wanted to get it authenticating through AD so that I only have to administer one set of user accounts.
I am using both NT Domain and Kerberos. The server group just recently added Kerberos support as part of the AD upgrade / conversion and I "converted" one of the two NT Domain servers to use that. I have the Kerberos server at the top and then the NT domain second. All my groups use at least NT Domain authentication against the AD for authentication.
The only issue we have is that passwords cannot be reset on login through the VPN client.
I will be talking with out partner's CCIE this afternoon and will ask about the "internal" limit.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...