01-20-2021 02:11 AM
Hi,
I have a 5545x with 2500 AnyConnect premium licenses, however when I get to about 990 connected users, additional clients struggle to connect.
CPU is around 60% utilisation and the AnyConnect load is 40%.
Is there a configuration setting I've missed where you can limit the number of AnyConnect clients?
Firewall is on 9.8(4)26
Cheers
01-20-2021 05:15 AM
There is a seldom-used command that can do what you describe:
vpn-sessiondb max-session-limit
If that's not in place, then something else is going on.
01-20-2021 05:22 AM
Thanks Marvin,
I did find that command after posting - well I found it in ASDM anyway. it's not set so in theory should be able to hit 2500 users.
Is there anything else that sould possible cause the issue? I've checked the network link and that's not over utilised either
01-20-2021 05:29 AM
There are a number of settings in this guide for AnyConnect but mostly around performance optimization:
The key thing would be to collect logs (syslog messages) when users are trying and failing to connect. As long as you have informational level logging set there should be some indicators of why a given session is unable to establish.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide