05-16-2018 12:33 PM - edited 03-12-2019 05:17 AM
Our shop does not utilize many Anyconnect sessions, or S2S VPN tunnels. However, we do have an ASA running in Multi Context mode that we will be utilizing for these 2 functions. My question is pretty basic, in that I know by default VPN resources are disabled, and require a resource class to be setup. We have 20K Anyconnect Peers, and 20K VPN Other (s2s) license available. We will be creating 5 different contexts for our various s2s, and anyconnect function. Some will be used for s2s and some anyconnect. Should I create one big resource class and make each context a member, or break it up into Anyconnect, and S2S resouce classes? If I create one big class, will each context basically share the resources of that class? Do the classes have to divide up the resources to the total of licenses?
When I say we don't utilize these services much, I mean we won't even be touching 100-200 Anyconnect sessions, or s2s tunnels across all contexts combined, much less 20K.
Thanks
Solved! Go to Solution.
05-16-2018 01:38 PM - edited 05-16-2018 03:50 PM
Found my answer for the most part. Basically, you just can't exceed the appliance limitation, or license limit when you allocate a resource class to a context. SO if you are licensed for 5000 Anyconnect peers, and create class anyconnect with a limit of 2500, you can only apply that to 2 contexts. VPN bursts can be used for oversubscription and sharing between contexts but not Anyconnect, or VPN other resources.
05-16-2018 01:38 PM - edited 05-16-2018 03:50 PM
Found my answer for the most part. Basically, you just can't exceed the appliance limitation, or license limit when you allocate a resource class to a context. SO if you are licensed for 5000 Anyconnect peers, and create class anyconnect with a limit of 2500, you can only apply that to 2 contexts. VPN bursts can be used for oversubscription and sharing between contexts but not Anyconnect, or VPN other resources.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide