01-31-2018 06:09 PM - edited 03-12-2019 04:58 AM
Hi , Does anybody knows how many simultaneos logins can the same user have with FlexVPN? Is there any parameter to configure with these? Right now, if my cel phone connects with Anyconnect to the FlexVPN server ( IOS 16.x) it disconnect my computer session and viceversa, using the same username in both devices. Different usernames have no issue.
The only thing that i see is that the Virtual-Access interface goes down, and goes up with the new device. Try with ipsec-max-flow, but it just limits the total amount of connections globally, not per user.
Thanks.
01-31-2018 08:07 PM
This should be controlled by whatever device is doing the AAA authentication (e,g. RADIUS).
02-01-2018 06:43 AM
Hi Philip, thanks for your answer.
¿Do you know if there is any special Radius Attributte for that? Funny thing is that the same Radius Server works for Webvpn RA and Classic IPsec RA, and the same username can have several simultaneos logins with those VPN Technologies.
02-01-2018 11:13 AM
02-01-2018 11:23 AM
Yes Sir, is an OpenRadius with a flat config. No special authorization is handled.
03-18-2020 02:51 AM
Interesting. In ISAKMP with IPSec Xauth that we used some years ago, the ASR1k was able to perform concurrency control.
crypto isakmp client configuration group <GROUP_NAME> max-logins 1
How come this feature is absent in IKEv2 ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide