03-09-2020 09:14 PM
We were having ASA 5510 Security Plus license ad configured the SSL & IPsec VPN,with this how many maximum user can able to connect to VPN using Anyconnect/VPN client.
License Information:
IPsec : 250 Configured : 250
SSL VPN : 250 Configured : 250
What is the difference between IPsec & SSL VPN? Clientless & Client?
03-09-2020 11:03 PM
Hi,
you will be having in total 250 users which can be mix of IPSEC or SSL. It is mention in their datasheet about the capacity e.g incase of cluster of 10 appliances , maximum of 2500 SSL VPN peers or 2500 IPsec VPN peers per cluster
03-09-2020 11:28 PM
We didn't have clustering,hence as per your above statement we can have mix of 250 SSL/IPSEC VPN peer.
I have created a pool of 150 IP to connect to VPN and would like to increase the no.of users connecting to VPN
Max how many IP address Pool that can be allowed? 250 or more than that
03-10-2020 02:07 AM
Hi,
For IP pool, there is no such restriction. You can have a pool of 250+ IP's also.
03-13-2020 10:31 PM
I could see that the ASA 5510 was EOL, if i'm planning to go for NGFW for about 2000 employee organization.
How do choose a NGFW?
What are the prerequisites that i need to concentrate on?
Physical vs Virtual NGFW?
03-10-2020 03:02 AM
Hi,
Regardless of your IP pool size (bigger than 250 IP's or not), the ASA won't let you have more than 250 concurrent SSL/IPsec sessions; any new incoming session should be denied.
Regards,
Cristian Matei.
03-13-2020 10:33 PM
03-14-2020 04:51 AM - edited 03-14-2020 04:52 AM
Hi,
It depends where u will place the firewall.
If u place on internet edge to provide protection + VPN concentration + publishing some internal services then I believe u should at least consider following:
- bandwidth of the internet link and the capacity of firewall to handle to support with all the security features enabled
- VPN capacity, firewall should support 2000 users
If there are some local services that will be published outside then it is also a good idea to review number of connections per second and concurrent connections
For ur environment, FPR 2120 looks fine since it can handle up to 3500 VPN users
Have a look on the below datasheet for detailed specifications:
03-16-2020 10:37 AM
If we need only 750 user vpn peer what would be the best ASA product. We are ok with Cloud related Virtual ASA as well.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide