Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1232
Views
0
Helpful
2
Replies

Simultaneous logins exceeded on 3005 bug ?

mats.karneman
Level 1
Level 1

‎08-10-2004 11:44 PM - edited ‎02-20-2020 11:33 PM

Hi all

We have a 3005 (4.1.4) that I have moved some site to site IPsec tunnels to from a 3005 with (3.6.7B)

The remote sites are mainly 837's with (12.2(8)YN) and up..

Now after the tunnel been connected for 22:48 hrs i get

>snip

24562 07/27/2004 07:46:52.720 SEV=3 AUTH/5 RPT=92 x.x.x.x

Authentication rejected: Reason = Simultaneous logins exceeded for user

handle = 291, server = (none), user = x.x.x.x, domain = <not specified>

>snip

I have specified simultaneus login to 1 in the Group\general tab, and that was fine in version 3.7.6

The SA's liftime is set to 3600.

Am i running in to a bug here ?

(One quick fix is to increase "sim login" to 2, but for security reasons it was sugested to keep it to 1 using pershared keys)

Any Ideas Anyone

Mats

0 Helpful
2 Replies 2

drolemc
Level 11
Level 11

‎08-17-2004 07:42 AM

Are the SA lifetimes same on both the ends? Also, enable Dead peer detection. Doing this might just help.

0 Helpful

mats.karneman
Level 1
Level 1
In response to drolemc

‎08-23-2004 02:57 AM

Hi

thx for you reply.

Yes the IKE proposal/isakmp policy is 86400 in both 3005 and ios router. that make sense, beacuse it should renegotiate 1 hr before it will expire.

DPD is active i.e IKE keepalive.

As I said this exact configuration worked fine in 3.7

but not in 4.1.5.

Any other ideas

Mats

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card