We have a large project ongoing in which we are setting up a firewall / VPN service to offer customers VPN connections back to a single VPN server. We will have around 1,000 users but only run about 200 - 250 concurrent sessions at any one time and both IP Sec and SSL will be fine. As part of our evaluation and build phase we need to first of all consider hardware and Cisco is an obviuos choice as we have the in house expertise. However, I consider that for this customer it would be better to provide a solution that will scale as their subscribers grow and so my view is the ASA 5510 would be a good start point and we can upgrade if their subscriber base grows. We also need to run active / standby failover. However, the licenceing issues are a little confussing to say the least and so would appreciate a second opinion from someone on this forum who has some recent experience of a similar build and install. The hardware and software spec for this build are important so any suggestions in this regard would also be very welcome. We have considered any connect premium but this may get expensive when looking at 250 concurrent sessions. Here are the basic questions.
1. What would be the best hardware solution to offer to this customer to get them started ?
2. With Anyconnect is the licencse based on concurrent sessions or registered user accounts, or put another way could we have 1,000 user accounts with 250 concurrent connections?
3. Is there a better way to configure 250 concurrent VPNs with around 1,000 users?
Any help would as always be greatly appreciated.