Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Limit bandwidth for specific VPN (IPsec LAN-to-LAN) Tunnel

I have been asked to investigate the possibility of limiting the bandwidth of a single IPsec LAN-to-LAN VPN tunnel during normal business hours. I'm not too familiar with setting policies on the ASA-5520 [ver 7.2(2)].

Any ideas?

1 REPLY
Silver

Re: Limit bandwidth for specific VPN (IPsec LAN-to-LAN) Tunnel

Concerning the session establishment rate and if a SEP-E is installed, then the number of simultaneous concurrent IKE session negotiation limit is 40. If no SEP/SEP-E present, then the limit is 15. It has more to do with limiting P1 connect storms that could deplete system resources (mainly key generation capacity) if unchecked. Remote Access sessions from software VPN Clients >4.0 will only use 2 IPSec SAs even if configured for split tunneling. Pre-4.0 software clients and hardware clients will generate separate IPSec SAa for each split network, if configured. Limiting resource is memory.So it is totally depends on your network topology and traffic.

575
Views
0
Helpful
1
Replies
CreatePlease to create content