I have some 5540's and ACS Servers. Currently I have remote access VPN's set up to the 5540's. All of my VPM groups are reasonably small but there are many of them and each group has their access restircted by ACL's. In trying to plan for a pandemic where everybody would have to work from home, I was asked to scale the VPN solution to basically max out the 5000 vpn limit on the 5540's...the problem is that I don't have enough ip address space in the current groups and can't allocate any more ip addresses at all. So how can I increase the size of these groups without pulling more ip addresses from my network out and still maintain the ACL's without having to modify them. I was thinking that the ACS Server could provide a solution here using dACL's and RADIUS authentication but I am not sure. Any ideas?
You may try using the command "vpn-sessiondb max-session-limit" as this command used to limit VPN sessions to a lower value than the security appliance allows, use the vpn-sessiondb max-session-limit command in global configuration mode. The following example shows how to set a maximum VPN session limit of 450:
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...