cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
271
Views
5
Helpful
4
Replies
Cisco Employee

what is the limit for number of `crypto ikev2 authorization policy` in CSR1kv

Hi Experts,

 

I am using Cisco IOS XE Software, Version 16.08.01 image and doing remote authorization for flexvpn using per user(email) based authorization policy as shown below.

crypto ikev2 authorization policy user1@cisco.com
pool ACPOOL-LQL4M8F1ED49N6P5CKINF6C85C
aaa attribute list AAA-attr-LQL4M8F1ED49N6P5CKINF6C85C
!

Do we have any known limit for the number of authorization policies?

4 REPLIES 4
VIP Advocate RJI VIP Advocate
VIP Advocate

Re: what is the limit for number of `crypto ikev2 authorization policy` in CSR1kv

Hi,
Sorry no idea, I've never seen any reference to limits....but if that is a concern then normally that is when using RADIUS based central aaa authorization would be advisable, reducing configuration complexity on the hub routers.

HTH
Cisco Employee

Re: what is the limit for number of `crypto ikev2 authorization policy` in CSR1kv

Hi RJI, great to see you here again.
yeah .. external RADIUS/TAC server could be a better option but as we have some device limitation and we can use only aaa local authentication and authorization on CSR
Cisco Employee

Re: what is the limit for number of `crypto ikev2 authorization policy` in CSR1kv

Please post this in CSR community

thanks,

Nidhi 

Highlighted
Cisco Employee

Re: what is the limit for number of `crypto ikev2 authorization policy` in CSR1kv

Thanks, Nidhi Is it not visible there?