Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5510 Maximum tunnel count allowed

Hi,

We have a ASA 5510 (v8.2.2 with ASDM 6..4.7, 256Mb mem) with a license for 250 VPN Peers. The machine has currently one site-to-site VPN active. I've added a remote-access IPSec VPN for some users but when connecting from the remote site the connection is dropped and the ASA reports

%ASA-4-713239 Tunnel Rejected : The maximum tunnel count allowed has been reached.

I've searched for info relating to this message but I found none. Before I plan a restart (it's up for 222 days), is there something I could do on CLI to fix this ?

With regards,

Marcel Tempelman.

Everyone's tags (3)
4 REPLIES
New Member

ASA 5510 Maximum tunnel count allowed

Do you have a listing of how many cumulative vpn sessions you've had?   It sounds like your OS is looking at the count of cumulative vpn sessions you've had rather than how many are currently in progress.

New Member

ASA 5510 Maximum tunnel count allowed

During the time this ASA has been up, it only had one site-to-site active there was no remote-access activity. Don't know if the VPN had a lot of reconnections causing a session counter to go haywire (if this is possible at all).

New Member

ASA 5510 Maximum tunnel count allowed

Not sure how possible it is, however, I wouldn't completely rule it out either.   If you reboot your ASA, and the vpn connection comes back, then there may be a good degree of merit to what I mentioned.  

New Member

ASA 5510 Maximum tunnel count allowed

A reboot didn't solve the problem. The configured site-to-sites came backup without a glitch but remote-access VPN refused to work. Upgraded the kit to 8.2.5 ED and all works although the upgrade ruined a site-to-site with a 876 router (have had more mysterious problems with 87x/ASA site-to-site VPNs). Suddenly the VPN with the 876 failed at phase 1.

Luckily I was able to work around the 876 problem by adding the tunneled traffic to a VPN  on an ASA (we were alrady replacing some stuff). The DSL-line connected was used for voice traffic.

When I have time I will do some research why the VPN broke down. At the moment all is working.

Thx for the replies!

2047
Views
0
Helpful
4
Replies
CreatePlease to create content