03-27-2020 11:07 AM
Hello,
I can´t connect more Anyconnect users on my ASA5515. It was limited by the "IP LOCAL POOL" then i added a bigger range and different mask in the POOL and the Anyconnect endpoints started to take that pool IP addresses but it still not allow to join more users.
AnyConnect Essentials : 250 perpetual
Other VPN Peers : 250 perpetual
Total VPN Peers : 250 perpetual
original pool:
ip local pool ACPOOL 192.168.30.10-192.168.30.120 mask 255.255.255.224
new pool:
ip local pool ACPOOL 192.168.30.1-192.168.30.126 mask 255.255.255.128
group-policy ACPOLICY internal
group-policy ACPOLICY attributes
wins-server none
dns-server value
vpn-simultaneous-logins 3
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelall
split-tunnel-network-list value Any
webvpn
anyconnect modules value vpngina
anyconnect profiles value type user
tunnel-group ACTUNEL type remote-access
tunnel-group ACTUNEL general-attributes
address-pool ACPOOL
default-group-policy ACPOLICY
****
****
****
Regards
03-28-2020 03:53 AM
Hi,
How many concurrent sessions can be formed? Try giving the new pool a new name, re-apply it to the tunnel group, and also maybe issue a reload. If it still doesn't work, post the following debug outputs when new sessions are not allowed: "debug webvpn anyconnect", "debug webvpn session", and:
logging enable
logging timestamp
logging class webvpn console debugging
logging class ssl console debugging
logging class svc console debugging
Regards,
Cristian Matei.
03-28-2020 07:00 AM
03-28-2020 02:12 PM
chagne this
vpn-simultaneous-logins 150
it will fix your issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide