Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1776
Views
15
Helpful
5
Replies

How many tunnels is able to do ASA 5545?

Zagam
Level 1
Level 1

‎06-07-2019 09:31 AM - edited ‎02-21-2020 09:12 AM

How many tunnels IPSec is able to do ASA 5545?

 

I have a doubt regarding how many tunnels IPSec I can do with ASA 5545, I mean I have an outside interface on ASA connect to interface router. In this only link how many tunnels could i do?

 

For example:

 

ASA Outside 10.10.10.10---------------------------------10.10.10.11 Router Interface.

 

Only one? 

 

Regards!

Labels:
0 Helpful
5 Replies 5

Rob Ingram
VIP
VIP

‎06-07-2019 10:30 AM

Hi,

The ASA 5545-X supports 2500 VPN tunnels, reference here. Even though you only have 1 IP address, the sequence number used on the crypto map is used to distinguish between the different peers. So I don't see why in your scenario you could not configure up to 2500 VPN tunnels.

 

HTH

Zagam
Level 1
Level 1
In response to Rob Ingram

‎06-07-2019 10:34 AM

Hi RJI!

 

It is not that I can not, I have not yet implemented it, I only had the doubt, but when you say 2500 tunnels do you mean tunnels or sessions?

0 Helpful

Rob Ingram
VIP
VIP
In response to Zagam

‎06-07-2019 10:47 AM

Reference document says "IPsec VPN Peers" = 2500, so each peer would be 1 tunnel, so therefore 2500 tunnels supported.

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Zagam

‎06-08-2019 05:28 AM

Sessions is generally used to refer to remote access VPN. Since almost nobody still uses the old IPsec IKEv1, we generally equate sessions with SSL VPN sessions for remote access clients. In that case there is a separate limit and you require AnyConnect licenses for your sessions. In the case of SSL VPN, the limit is also 2500.

So you could have up to 2500 SSL VPN sessions (assuming licenses are installed) in addition to 2500 IPsec site-to-site VPNs concurrently active.

Reference Table 3 here:

https://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/datasheet-c78-733916.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card