Configuring vpn session limits – Cisco ASA 5505 User Manual

Page 1424

Advertising
background image

66-16

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 66 Setting General VPN Parameters

Configuring VPN Session Limits

The following example shows 100 SSL sessions (active only) and a 2 percent SSL load. These numbers
do not include the inactive sessions. In other words, inactive sessions do not count towards the load for
load balancing.

hostname# show vpn load-balancing

Status :

enabled

Role :

Master

Failover :

Active

Encryption :

enabled

Cluster IP :

192.168.1.100

Peers :

1

Load %

Sessions

Public IP

Role

Pri

Model

IPsec

SSL

IPsec SSL

192.168.1.9

Master

7

ASA-5540

4

2

216

100

192.168.1.19

Backup

9

ASA-5520

0

0

0

0

Configuring VPN Session Limits

You can run as many IPsec and SSL VPN sessions as your platform and ASA license supports. To view
the licensing information including maximum sessions for your ASA, enter the show version command
in global configuration mode. The following example shows the command and the licensing information
from the output of this command:

hostname(config)# show version

Cisco Adaptive Security Appliance Software Version 8.4(1)

Device Manager Version 6.4(1)

Compiled on Sun 02-Jan-11 03:45 by builders

System image file is "disk0:/cdisk.bin"

Config file at boot was "startup-config"

asa4 up 9 days 3 hours

Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash M50FW080 @ 0xfff00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

Boot microcode : CN1000-MC-BOOT-2.00

SSL/IKE microcode : CNLite-MC-SSLm-PLUS-2.03

IPsec microcode : CNlite-MC-IPSECm-MAIN-2.06

Number of accelerators: 1

0: Ext: Ethernet0/0 : address is 001e.f75e.8b84, irq 9

1: Ext: Ethernet0/1 : address is 001e.f75e.8b85, irq 9

2: Ext: Ethernet0/2 : address is 001e.f75e.8b86, irq 9

3: Ext: Ethernet0/3 : address is 001e.f75e.8b87, irq 9

4: Ext: Management0/0 : address is 001e.f75e.8b83, irq 11

5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11

6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited perpetual

Maximum VLANs : 100 perpetual

Inside Hosts : Unlimited perpetual

Failover : Active/Active perpetual

VPN-DES : Enabled perpetual

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals