Solved

Not able to add a new user to a Cisco VPN Concentrator 3005

Posted on 2008-06-23
11
1,059 Views
Last Modified: 2012-08-14
I have a cisco 3005 concentrator with 146 users.
When I try to add a new user i get the following error.
Unable to set user name (Too Many Entries Error. Delete an entry before adding a new one).

Is this correct?

Can I only add 146 user in total to a VPN 3005 running on version 4.1.7.E .
Also were is the location for total numer of users allowed?

Please help
0
Comment
Question by:Rnetmaster
  • 5
  • 4
  • 2
11 Comments
 
LVL 9

Expert Comment

by:trinak96
Comment Utility
Hi,
Have a look here : http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5749/ps2284/product_data_sheet09186a00801d3b56.html

The model comparison table just over half way down.

Maximum number of ipsec users = 200, but read the caveat on memory etc....
0
 

Author Comment

by:Rnetmaster
Comment Utility
I see the Cisco article and model comparison. Its speaks about 200 simultaneous users. I am guessing this is refering to active logged in VPN IPSEC users. The 3005 unit  we have has 64MB of RAM installed. I dont see any reference to adding local user accounts based on installed memory.

Am I reading it wrong here???

0
 
LVL 9

Expert Comment

by:trinak96
Comment Utility
OK, I see what you mean.....have you any other VPN configuration on the box, site-site etc...?
0
 
LVL 15

Expert Comment

by:Voltz-dk
Comment Utility
Do you have alot of groups?  Each group takes up one of these slots..
0
 

Author Comment

by:Rnetmaster
Comment Utility
OK

I have 146 local users
I have 1 Lan to Lan Tunnel
i have 5 groups including the base group


VPN-Error.doc
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 15

Expert Comment

by:Voltz-dk
Comment Utility
Well, so you have used your 150 slots you have for a 3005.
0
 

Author Comment

by:Rnetmaster
Comment Utility
I am not sure were you get 150 total slots allowed?
Are we counting the 50 and 100 below as a total count?

Simultaneous IPsec users 200
Simultaneous SSL VPN (Clientless) Users** 50
Maximum LAN-to-LAN Sessions 100

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5749/ps2284/product_data_sheet09186a00801d3b56.html
0
 
LVL 15

Accepted Solution

by:
Voltz-dk earned 500 total points
Comment Utility
That is simultaneous users, not capacity of the local user database.  If you open the help and click user management, you'll see a table where it tells how many users/groups you can define locally.  (It actually hasn't been updated, so it will tell you limit is 100 which it used to be.)

So how would you get more connections that you have users?  By using external authentication, say RADIUS.  Which is also what they suggest for a large amount of users.

You can also check it out in the online version:

http://www.cisco.com/en/US/docs/security/vpn3000/vpn3000_47/configuration/guide/Usermgt.html#wp1685274
0
 

Author Comment

by:Rnetmaster
Comment Utility
I see the chart, so your saying the table is incorrect and the actual amount is now 150 and not 100.
So Radius is the way to go, or upgrade to a 3020 correct?

Table 8-1 Maximum Number of Groups and Users for the Internal Authentication Server VPN Concentrator Model
 Maximum Number of Groups and Users (Combined)
 
3005 100
3015 100
3020 500
3030 500
3060 1000
3080 1000
0
 
LVL 15

Expert Comment

by:Voltz-dk
Comment Utility
Ya, RADIUS is a good idea.  As for upgrading, I wouldn't upgrade to another 3000-series unless it was very cheap, since they are past end-of-life.  (At least the announcement).

And I've actually never seen a 3020, wonder if those got retired earlier..  Could just be random chance though.
0
 

Author Closing Comment

by:Rnetmaster
Comment Utility
Thanks for your help!!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now