05-14-2024 03:52 AM
I am trying to track down data on how a virtualized ASA handles AnyConnect IPSec loads of around 1000 active tunnels (or more) with certificate based authentication.
I currently have a Firepower 4150 with ASA code and would like to understand if it is feasible to migrate to a virtualized deployment (VMware on-prem) as the 4150 reaches end of life soon.
Does anyone have experience with heavy VPN usage on ASAv or happen to be aware of published white papers on the topic?
Thanks,
Brandon
05-14-2024 05:24 AM
check the datasheet for the requirement :
i see ASAv30 - 750 and ASAv50 - 10000
05-14-2024 05:51 AM
Balaji,
Thank you for your response!
Yes, I am aware of the datasheet and would actually pursue the ASAv100. I am really looking for real world experience feedback.
For extra context, the specs for the VMware build would include a 20 cores @ 2 GHz CPU with 32 GB of RAM. The VPN tunnels have from my perspective, a small bandwidth requirement that maxes out at around 100 Kbps per tunnel.
Brandon
05-14-2024 06:00 AM
Not that matter what throuput you use, the tunnel capacity mentioned based on the model
you can contact partner when you placing order to give confirmation - cisco datasheet based on real world testing.
Note - no vendor post the white and black with out testing it.
1000 tunnel requirement like for providers and banks and retailers - so best is contact cisco partner.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide