Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
353
Views
0
Helpful
3
Replies

Cisco ACS 5.x w/ SNS-3415

tookenyip12
Level 1
Level 1

‎08-06-2014 02:20 AM - edited ‎03-10-2019 09:55 PM

Hi all,

I saw that without large deployment add-on license the appliance can support up to 500 AAA client. Is that concurrent or total? E.g. customer might have 2000 AAA client but only 400 clients will authenticate. So in this case do I still need to buy the large deployment license?

Regards,

Daniel

Labels:
0 Helpful
3 Replies 3

nkarthikeyan
Level 7
Level 7

‎08-06-2014 04:06 AM

HI,

 

The count is for overall device count that you can add in your acs box.... not the concurrent user sessions.... if you want to add 501st  aaa client to be added then you need the top up license....

 

Regards

Karthik

0 Helpful

tookenyip12
Level 1
Level 1
In response to nkarthikeyan

‎08-06-2014 04:11 AM

Hello Karthik. Thanks for the reply. My local Cisco SE told me that the unique IP addresses is based on Network Access Device like switches or routers. It doesn't care how many laptop in customer environment that wants to authenticate with the ACS. Is that true?
0 Helpful

nkarthikeyan
Level 7
Level 7
In response to tookenyip12

‎08-06-2014 04:34 AM

Hi,

 

Yes. That is true.... 500 limit is for number of aaa clients (devices like routers or switches) that you add as an aaa client...... it doesn't matter for the user database which you have in ACS.

 

say in you company if you have 800 devices and that you want to control with your ACS as TACACS+/Radius Server... then you need a top up license to add all 800 devices 2 it for authentication....

 

Also it calculates on unique IP address that we add for authentication..... if you mention a aaa client say router1/192.168.1.10/255.255.255.240 ... then it calculates as 16 devices added to it.... since we have subnet mask added in that way....

 

Regards
Karthik
0 Helpful
Customers Also Viewed These Support Documents