
ASA Cut Through (Authentication) Proxy HTTPS concurrent connections

byron.momsen
Level 1

Hi

What are the limitations on the max number of concurrent HTTPS connections when using Auth Proxy for HTTPS traffic on a Cisco ASA 5520?

1) What is the max number of concurrent Authentications that the ASA can perform (HTTPS)?

2) Once authenticated, what is the max number of concurrent HTTPS authenticated connections to the back-end HTTPS server?

Regards

Byron

1 Accepted Solution


The ASA allows 16 concurrent HTTPS-Authentication-sessions. This is documented in the config-guide:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_fwaaa.html#wp1150372

For the authenticated traffic the "normal" connection-limits apply as they are processed the same way as any other traffic.

If you want to authenticate your internal users, you should think about the Identity-Firewall-feature:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_idfw.html


3 Replies

nkarthikeyan
Level 7

Hi Byron,

I guess it should be based on the concurrent VPN sessions for your WebVPN/SSL VPN. If so, then 750 is the maximum sessions allowed through the ASA 5520, because the valid HTTPS authentication for your VPN connectivity will be considered as one session. Your second question depends on the HTTPS server which you have, I suppose.

Please do rate if the given information helps.

By

Karthik

Hi Byron,

Or do you mean to say that whenever you hit the firewall with any traffic, if that matches, it will direct you to a proxy authentication of HTTPS, and you are asking for a count of how many cut-through proxy authentications for the same?

By

Karthik
