Cisco ASA 5505 User Manual

Page 1425

Advertising
background image

66-17

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 66 Setting General VPN Parameters

Configuring VPN Session Limits

VPN-3DES-AES : Enabled perpetual

Security Contexts : 2 perpetual

GTP/GPRS : Disabled perpetual

AnyConnect Premium Peers : 250 perpetual

AnyConnect Essentials : Disabled perpetual

Other VPN Peers : 250 perpetual

Total VPN Peers : 250 perpetual

Shared License : Disabled perpetual

AnyConnect for Mobile : Disabled perpetual

AnyConnect for Cisco VPN Phone : Disabled perpetual

Advanced Endpoint Assessment : Enabled perpetual

UC Phone Proxy Sessions : 2 perpetual

Total UC Proxy Sessions : 2 perpetual

Botnet Traffic Filter : Disabled perpetual

Intercompany Media Engine : Disabled perpetual

This platform has an ASA 5510 Security Plus license.

hostname#

To limit AnyConnect VPN sessions (either IPsec/IKEv1 or SSL) to a lower value than the ASA allows,
use the vpn-sessiondb max-anyconnect-premium-or-essentials-limit command in global
configuration mode. To remove the session limit, use the no version of this command.

For example, if the ASA license allows 500 SSL VPN sessions, and you want to limit the number of
AnyConnect VPN sessions to 250, enter the following command:

hostname(config)# vpn-sessiondb max-anyconnect-premium-or-essentials-limit 250

hostname(config)#

To remove the session limit, use the no version of this command:

hostname(config)# no vpn-sessiondb max-anyconnect-premium-or-essentials-limit 250

hostname(config)#

To limit Cisco VPN client (IPsec IKEv1), Lan-to-Lan VPN, and clientless SSL VPN sessions to a lower
value than the ASA allows, enter the vpn-sessiondb max-other-vpn-limit command in global
configuration mode:

For example, if the ASA license allows 750 IPsec sessions, and you want to limit the number of IPsec
sessions to 500, enter the following command:

hostname(config)# vpn-sessiondb max-other-vpn-limit 500

hostname(config)#

To remove the session limit, use the no version of this command:

hostname(config)# no vpn-sessiondb max-other-vpn-limit 500

hostname(config)#

For a complete description of the features available with each license, see the document Managing
Feature Licenses for Cisco ASA 5500 Version 8.4 at this URL:

http://www.cisco.com/en/US/docs/security/asa/asa84/license_standalone/license_management/
license.html

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals