05-16-2018 12:33 PM - edited 03-12-2019 05:17 AM
Our shop does not utilize many Anyconnect sessions, or S2S VPN tunnels. However, we do have an ASA running in Multi Context mode that we will be utilizing for these 2 functions. My question is pretty basic, in that I know by default VPN resources are disabled, and require a resource class to be setup. We have 20K Anyconnect Peers, and 20K VPN Other (s2s) license available. We will be creating 5 different contexts for our various s2s, and anyconnect function. Some will be used for s2s and some anyconnect. Should I create one big resource class and make each context a member, or break it up into Anyconnect, and S2S resouce classes? If I create one big class, will each context basically share the resources of that class? Do the classes have to divide up the resources to the total of licenses?
When I say we don't utilize these services much, I mean we won't even be touching 100-200 Anyconnect sessions, or s2s tunnels across all contexts combined, much less 20K.
Thanks
Solved! Go to Solution.
05-16-2018 01:38 PM - edited 05-16-2018 03:50 PM
Found my answer for the most part. Basically, you just can't exceed the appliance limitation, or license limit when you allocate a resource class to a context. SO if you are licensed for 5000 Anyconnect peers, and create class anyconnect with a limit of 2500, you can only apply that to 2 contexts. VPN bursts can be used for oversubscription and sharing between contexts but not Anyconnect, or VPN other resources.
05-16-2018 01:38 PM - edited 05-16-2018 03:50 PM
Found my answer for the most part. Basically, you just can't exceed the appliance limitation, or license limit when you allocate a resource class to a context. SO if you are licensed for 5000 Anyconnect peers, and create class anyconnect with a limit of 2500, you can only apply that to 2 contexts. VPN bursts can be used for oversubscription and sharing between contexts but not Anyconnect, or VPN other resources.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: