Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1239
Views
5
Helpful
2
Replies

concurrent VPN clients limited to 2

Go to solution
simon.law
Level 1
Level 1

‎05-01-2013 02:05 AM

Hi,

I have two ASA5510 each with a security plus license and 10 SSL VPN licenses, in active/standby mode at version 8.4(4)1. It only allows up to two vpn clients (AnyConnect & SSL VPN) at a time, any extra vpn client would receieve "Login Failed" message.

Anyone can help?

Thanks,

Simon

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rpadwal
Cisco Employee
Cisco Employee

‎05-01-2013 02:41 AM

Hi Simon,

If you have the lic for 10 does it show up in the sh ver or sh vpn-sessiondb summary  output?

you need to check the simultaneous login for anyconnet group policy,

also check if you have the VPN session limit command on the ASA and check if it limits to 2

change it to something link this

EG hostname#vpn-sessiondb max-session-limit 450

EG:

change simultaneous login in associated group policy for anyconnect

group-policy Anyconnect_gp internal

group-policy Anyconnect_gp attributes

vpn-simultaneous-logins 200

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

Thanks and Regards,


        ROHAN 

Thanks and Regards, ROHAN :)

View solution in original post

2 Replies 2

Go to solution
rpadwal
Cisco Employee
Cisco Employee

‎05-01-2013 02:41 AM

Hi Simon,

If you have the lic for 10 does it show up in the sh ver or sh vpn-sessiondb summary  output?

you need to check the simultaneous login for anyconnet group policy,

also check if you have the VPN session limit command on the ASA and check if it limits to 2

change it to something link this

EG hostname#vpn-sessiondb max-session-limit 450

EG:

change simultaneous login in associated group policy for anyconnect

group-policy Anyconnect_gp internal

group-policy Anyconnect_gp attributes

vpn-simultaneous-logins 200

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

Thanks and Regards,


        ROHAN 

Thanks and Regards, ROHAN :)

Go to solution
simon.law
Level 1
Level 1
In response to rpadwal

‎05-01-2013 04:58 AM

Hi Rohan,

Thanks very much for your help.

I bought a new AA5510 recently to form a failover cluster and somehow the following two lines were added to the configuration.

vpn-sessiondb max-other-vpn-limit 250

vpn-sessiondb max-anyconnect-premium-or-essentials-limit 2

It works now after I remove the two lines.

Thanks,

Simon

0 Helpful
Customers Also Viewed These Support Documents