We have a PIX 501 and I'm in the process of replacing it with a ASA5505. We're currently using the 501 for a site-to-site vpn for disaster recovery purposes and I'm trying to verify the number of concurrent connections we can have.
View 1 RepliesGetting the following alarm from my ISE:Cause:Base License Enforcement Details: Base concurrent users exceed license allowable count.Currently only using 1656 out of 2000 base licenses so I'm not sure what the issue is. Running 1.1.2.145 patch 3.
View 1 Replies View RelatedWhat are the limitations on the max number of concurrent HTTPS connections when using Auth Proxy for HTTPS traffic on a Cisco ASA 5520.
1) What is the max number of concurrent Authentications that the ASA can perform (HTTPS)?
2) Once Authenticated. What is the max number of concurrent HTTPS Authenticated connections to the back end HTTPS server.
We are having random issues of users not being able to connect to our wireless network consistently. The users will have successfully accessed the network previously but then will have difficulty associating to the network. After a period of time, the association appears successful again. My first thoughts were that there was a restriction on the number of clients that could associate to a given AP at any one time.This is the equipment we have:1x Cisco Wireless Control Server (WCS) 6.0.181.04x Cisco 5508 Wireless LAN Controllers 6.0.196.060x Aironet 1142N Lightweight Access Points (LAP) Is there a hard or recommended maximum number of clients per LAP? If so, where is this defined? From what I have read on these forums, Cisco apparently recommends about 25 clients per AP but I can not find any official documentation to support this.When I go to WCS Home > General > Top APs by Client Count, the top AP reports 20 clients. However, if I click on the AP Name and go to the Current Associated Clients tab, it is only listing 8 clients - why is this?
View 3 Replies View RelatedI have been looking for the command to view all concurrent active connections or sessions on our Cisco 2911. I want to see what the total connections or sessions are at peak times throughout the day.
View 4 Replies View RelatedWhat is the maximum number concurrent wireless connections that a WAP54g v3 can have?
View 9 Replies View RelatedJust wondering if there are any methods or commands, natively, in the asa5510 for determining all traffic in to and from a certain server passing through the asa. This would be without a syslog server or something similar.
View 3 Replies View RelatedHow many concurrent SIP channels should I expect to be able to make through a PIX firewall? We currently have a PIX 515 with the SIP fixup enabled.it worked fine for a low volume of traffic, but once we got to around 400-500 concurrent SIP calls the PIX started to struggle. Calls were dropping and other Internet traffic was intermittent. When I decreased the call volume it recovered and everything returned to normal.Bandwidth wise, we were only using about 20MB, so I think that as it needs to inspect and remember SIP packets for the purposes of opening RTP ports, we probably hit a bottleneck in terms of either the PIX's CPU or memory capacity. I've not seen any specs detailing how many SIP fixups a PIX (of any capacity) is able to handle.I'm thinking of upgrading to a PIX 525 or PIX 535, but I'd like to know how many SIP calls they will be able to handle before committing.
View 4 Replies View Relatedhow simultaneous connections is supported on the ISR G2? I need a router with the 60,000 concurrent connections.
View 1 Replies View RelatedOur current cable ISP is having issues providing us with consistant connectivity. I would like to bring in a second ISP to allow my users to choose where they will connect to. There will be two dns names and i just want to to be able to choose between them.
Is this possible on the ASA5505? supporting two ISPs at one time for VPN on both?
in Cisco ASA 5540 Adaptive Security Appliance Platform Capabilities and Capacities, I see Concurrent Sessions: 400,000. Which mean what device can handle 400,000 session and no more. But if I'm using TCP State Bypass Feature (Inbound traffic pass via ASA but Outbound goes via different device). I can see such connections via show conn command with b flag.
My questions: 1. Will this limit (Concurrent Session) affect in this case? Or ASA can handle more such connections (for example 800,000 ...) in bypass state? 2. It's possible to tune timeout for such connection without using global timeout conn? My problem what I want to do by pass tcp connection for one IP with has very high connection/sec rate.
I cannot find this info on the cisco site.
View 2 Replies View RelatedI have a 7609 with a Flexwan module with a PA-POS-1OC3. Is there a command to determine they type of SFP in the module ? sho controllers POS didn't provide the SFP type.
View 2 Replies View RelatedI am installing a network in my small business and was given a spool of Cat5 cable to run wires... I know the length in feet of cable that I was given, but I was wondering if there is some kind of markers on the cable to tell me how much is left... I will be charged for it by foot after I'm done, and I want to know how much I've used. Do I have to just use a measuring tape? Seems unnecessarily complicated... I've checked the wire but can't see any marker of the length remaining.
View 1 Replies View RelatedI have a Netgear FSM750S 48 port managed switch that I inhereted from the previous LAN guy who was gone before I got here. I don't know what IP address he was using for the swithc - I have a decent guess for the username/password; but I'm not 100% sure on those either. how can I determine what this devices IP address is so I can telent into it? Do I have to reset the switch to factory config? And if I have to reset it, how do I do that? There aren't any factory reset buttons anywhere on the chasis. [URL]
View 8 Replies View RelatedAironet 2600 and 3600 series. I need to know their maximum distance (at least theoretically, in Line of sight, eliminating all other factors...) in order to choose the right number of AP to provide enough coverage for a specific area. If an exact number is not available then can you show me how to determine it?
View 8 Replies View RelatedI am trying to determin if Jumbo frames are enabled on out Nexus 7000, and I am getting mixed info back from the swtich.I looks like the system jumbo MTU size is 9216 by default, but the interfaces all say the MTU of the interface is 1500 bytes. According to this article, the interface MTU should read 9216 is the jumbo frames are enabled globally. Is this correct. Is there a way to verify if Jumbo frame support is turned on? [code]
View 4 Replies View RelatedIOS Firewall (ZBF) Limit SMTP connections from same IP
we are running a Postfix MTA behind a IOS Firewall (ZBF) on a CISCO1921. Sometimes we get more than 2000 smtp login attemps like
postfix/smtpd[123456]: connect from (...) (...) postfix/smtpd[123456]: lost connection after AUTH from (...)
in one second. May be bruteforce or DoS ... nevertheless - we like to protect the Postfix MTA from this stuff.
Can we inspect the smtp and limit connections in a time period from the the same IP? Something like "not more than 10 smtp connections during 60 seconds from the same ip" .
This is one I am having a hard time finding an answer for. How many clients can a 3600 AP support? For 150 clients on one of these, what would the throughput be for each client?
If my calculations are correct, the device can deliver 420 Mbps, which gives each client roughly 2.8Mbps. Is this correct?
I have two ASA5510 each with a security plus license and 10 SSL VPN licenses, in active/standby mode at version 8.4(4)1. It only allows up to two vpn clients (AnyConnect & SSL VPN) at a time, any extra vpn client would receieve "Login Failed" message.
View 2 Replies View RelatedWhat the maximum concurrent users you can have on a Cisco 3925 for :-
1) Site to Site VPN using IPSEC tunnels
2) GRE tunnel sIf I have 90 users on a single GRE tunnel with 50mb Internet pipe using fat clients will this work ?
I am currently planning a Active directory deployment. It will most likely be a new forest, but the domain could become part of a existing forest. I have about 45 Computers with about 85 users. At one time there is about 42 users logging in as there is two shifts. The logons will be done all at once. Do you think two domain controllers will be able to handle the load?
View 9 Replies View RelatedWe have a client that is looking to provide connectivity for up to 800 users at a conference. They have a SRP527W available to them. Looking at the configuration we have been able to provide the needed number of IP addresses through VLANs each with their own DHCP scope.
However we are doubtful that the router will be able to process such a high number of connections (NAT, Firewall etc.) even though they will be using a specialised application that pulls static content via WAN.
Thus far we have been told that the unit has supported 150 user no issue, my I am guessing anything over 200 and you would start to see stability issues?
trying to join an 1142 on a WLC_SRE version 7.4.
the AP can ping the controller and vice versa. In the controllers GUI: Monitor>Statisticc>AP join, I can find the mac of the AP that I am trying to get joined.
the details of this mac show:
Last error occurred: Lwapp discovery request rejected
last occurred error reason: Too many concurrent AP image downloads
Last Join Timestamp:
how many concurrent voice call can be conducted at once with the cisco sf 100d-08 8-port 10100 switch?
View 1 Replies View RelatedWas looking at purchasing WAP321 however after looking at the spec's I see it has not got concurrent dual band (2.45Ghz/5Ghz) is there any simular access points with dual band and captive portal?
View 2 Replies View Relatedtell me if cisco 1921 onboard GigabitEthernets can reach 10Mbps with concurrent services, one GigabitEthernet interface as WAN interface, the other one as LAN interface.
View 2 Replies View RelatedI´m detecting on my ACE 20.
I´m monitoring the total number of concurrent sessions of my ACE 20 (using Cacti), and from time to time, with no discernable pattern, I see an instant drop of sessions to half...I don´t detect any disturbance with our traffic and service, I have no complaints, but it's a very accentuated drop.
I´m able to get 1 or 2 days withouth any suddent drop of connections, and then for no reason I pass from 500.000 to 200.000 sessions in a minute. Then they gradually go up again.
I´ve seen in ACE´s session table that she keeps a great number of half-open, or closed sessions, and those are counted as part of concurrent sessions. Is there any flush on ACE´s table when she reaches a certain number of closed TCP sessions or something like that?
i am going to purchase a Simultaneous Dual Band Router with Gigabit Lan. Can anybody tell me whats the transfer speed it got on Concurrent Dual Band 900(450+450) , 750(300+450) and 600(300+300). I am going to use it for hard drive that can network attached or may be just external hard drive via USB interface.
View 2 Replies View RelatedI'm using a Huawei B660 3G router at my house, with with a service provider called 8ta (in South Africa). I've been struggling for months to try and get them to troubleshoot and fix my connection, which was working fine for about a year.
I'm now daily struggling with download speeds of as little as 0.1Mbps to 0.5Mbps, especially after 5pm until about midnight. Upload speed off course is even worse.
8ta, has after months of me complaining agreed to install an antenna at my house, which will probably take another few more weeks for them to accomplish.
I often have 5/5 bars of signal on the router, so my argument is that signal strength might not be the problem. Since the connection is in a residential area, I would assume that their network is more likely to be a bit more congested after hours, but a technician explained to me that their network is never more than 30% "occupied".
Can the number of users connected on the 3G network/tower cause signal strength to attenuate for surrounding users?
Would it replace the B660 (7Mbps) router with a 21Mbps counterpart?
We have a user who needs to access a vpn from his MAC through an ASA 5505. The user is getting an IP via DHCP and the outside interface of the ASA gets it's address via DHCP as well. The user states that when he is home or anywhere else but behind the ASA it connects fine, but once the ASA is added it times out. He is able to get to the internet from the machine without any issues. Looking over the config on the firewall it isn't set to deny any traffic and there is a global set on the interface and it is nat the inside interface. There is no global policy in place so I was considering implementing the following:
policy-map global_policyclass inspection_default inspect pptp
192.168.1.10 --> ASA 1-----> ASA 2-------> ASA 3----> server (172.21.16.15)
We have opened 3389 , 80 & 445 ports on all firewalls ( ASA 1, ASA 2, ASA ) for server (172.21.16.15) from (192.168.1.10).We are able to see connection in ASA 1 under show connection for 3389, 445 ,80.
We are not able to see connections in ASA 2 & ASA 3 under show connection for 3389. But we are able to see hits in ACl.
Is it possible to have a Cisco ASA5510 with two internet connections performing as follows.
Internet A---------All traffic except LAN to LAN vpn
Internet B---------LAN to LAN vpn
I cant find anything definitive on google to say it will or wont, i know it cant do policy based routing.