cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


1714
Views
0
Helpful
3
Replies
Highlighted
Beginner

ASA Cut Through (Authentication) Proxy HTTPS concurrent connections

Hi

What are the limitations on the max number of concurrent HTTPS connections when using Auth Proxy for HTTPS traffic on a Cisco ASA 5520.

1) What is the max number of concurrent Authentications that the ASA can perform (HTTPS)?

2) Once Authenticated. What is the max number of concurrent HTTPS Authenticated connections to the back end HTTPS server.

Regards

Byron

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Mentor

Re: ASA Cut Through (Authentication) Proxy HTTPS concurrent conn

The ASA allows 16 concurrent HTTPS-Authentication-sessions. This is documented in the config-guide:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_fwaaa.html#wp1150372

For the authenticated traffic the "normal" connection-limits apply as they are processed the same way as any other traffic.

If you want to authenticate your internal Users you should think about the Identity-Firewall-feature:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_idfw.html

View solution in original post

3 REPLIES 3
Rising star

ASA Cut Through (Authentication) Proxy HTTPS concurrent connecti

Hi Byron,

I guess it should be based on the concurrent VPN sessions for your Webvpn/SSL vpn. If so then 750 is the maximum session allowed through ASA 5520. Because the valid https authentication for your vpn connectivity will be considered as one session. Your second question depends on the HTTPS server which you have i suppose

Please do rate if the given information helps.

By

Karthik

Rising star

ASA Cut Through (Authentication) Proxy HTTPS concurrent connecti

Hi Byron,

Or you mean to say whenevr you hit the firewall with any traffic if that matches it will direct you to a proxy authentication of https which you are asking a count how many cut through proxy authentication for the same???

By

Karthik

VIP Mentor

Re: ASA Cut Through (Authentication) Proxy HTTPS concurrent conn

The ASA allows 16 concurrent HTTPS-Authentication-sessions. This is documented in the config-guide:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_fwaaa.html#wp1150372

For the authenticated traffic the "normal" connection-limits apply as they are processed the same way as any other traffic.

If you want to authenticate your internal Users you should think about the Identity-Firewall-feature:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_idfw.html

View solution in original post