Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA behavior when exceeding max VPN clients?

The scenario is that we are planning to implement 2 or 3 ASA 5520s as standalone VPN concentrators to support remote user access.  As the ASA5520 supports 750 VPN connections, and there are ~1000 remote users, the question is:  What happens when user #751 attempts to connect to a single ASA 5520?  Will this user connection attempt fail, and then connect to the second IP address listed in the PCF in their VPN client config?

Thanks in advance for any insight you can provide, I have been unable to find this answer in the documentation.

Everyone's tags (3)

ASA behavior when exceeding max VPN clients?

Well, in case the ASA does not respond to the VPN client then it is not going to know it is connecting to ASA that ran out of license and it just won't connect and try the second one.

But my concerning now is...if the first ASA is going to allow the connection, prompt for the username and then fails...then you have a problem because the VPN client tries the second peer only when the first one does not respond and so on.

I guess making a lab with maybe two ASAs5505 with 10 VPN license should proof this..If you can't get one by monday let me know...I may have one chance to test it in a lab.


Posted by WebUser Dennis Ariel

CreatePlease login to create content