Improve company productivity with a Business Account.Sign Up

x
?
Solved

Not able to add a new user to a Cisco VPN Concentrator 3005

Posted on 2008-06-23
11
Medium Priority
?
1,118 Views
Last Modified: 2012-08-14
I have a cisco 3005 concentrator with 146 users.
When I try to add a new user i get the following error.
Unable to set user name (Too Many Entries Error. Delete an entry before adding a new one).

Is this correct?

Can I only add 146 user in total to a VPN 3005 running on version 4.1.7.E .
Also were is the location for total numer of users allowed?

Please help
0
Comment
Question by:Rnetmaster
  • 5
  • 4
  • 2
11 Comments
 
LVL 9

Expert Comment

by:trinak96
ID: 21854045
Hi,
Have a look here : http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5749/ps2284/product_data_sheet09186a00801d3b56.html

The model comparison table just over half way down.

Maximum number of ipsec users = 200, but read the caveat on memory etc....
0
 

Author Comment

by:Rnetmaster
ID: 21855138
I see the Cisco article and model comparison. Its speaks about 200 simultaneous users. I am guessing this is refering to active logged in VPN IPSEC users. The 3005 unit  we have has 64MB of RAM installed. I dont see any reference to adding local user accounts based on installed memory.

Am I reading it wrong here???

0
 
LVL 9

Expert Comment

by:trinak96
ID: 21856246
OK, I see what you mean.....have you any other VPN configuration on the box, site-site etc...?
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
LVL 15

Expert Comment

by:Voltz-dk
ID: 21859082
Do you have alot of groups?  Each group takes up one of these slots..
0
 

Author Comment

by:Rnetmaster
ID: 21859675
OK

I have 146 local users
I have 1 Lan to Lan Tunnel
i have 5 groups including the base group


VPN-Error.doc
0
 
LVL 15

Expert Comment

by:Voltz-dk
ID: 21860051
Well, so you have used your 150 slots you have for a 3005.
0
 

Author Comment

by:Rnetmaster
ID: 21860168
I am not sure were you get 150 total slots allowed?
Are we counting the 50 and 100 below as a total count?

Simultaneous IPsec users 200
Simultaneous SSL VPN (Clientless) Users** 50
Maximum LAN-to-LAN Sessions 100

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5749/ps2284/product_data_sheet09186a00801d3b56.html
0
 
LVL 15

Accepted Solution

by:
Voltz-dk earned 2000 total points
ID: 21860224
That is simultaneous users, not capacity of the local user database.  If you open the help and click user management, you'll see a table where it tells how many users/groups you can define locally.  (It actually hasn't been updated, so it will tell you limit is 100 which it used to be.)

So how would you get more connections that you have users?  By using external authentication, say RADIUS.  Which is also what they suggest for a large amount of users.

You can also check it out in the online version:

http://www.cisco.com/en/US/docs/security/vpn3000/vpn3000_47/configuration/guide/Usermgt.html#wp1685274
0
 

Author Comment

by:Rnetmaster
ID: 21860586
I see the chart, so your saying the table is incorrect and the actual amount is now 150 and not 100.
So Radius is the way to go, or upgrade to a 3020 correct?

Table 8-1 Maximum Number of Groups and Users for the Internal Authentication Server VPN Concentrator Model
 Maximum Number of Groups and Users (Combined)
 
3005 100
3015 100
3020 500
3030 500
3060 1000
3080 1000
0
 
LVL 15

Expert Comment

by:Voltz-dk
ID: 21860788
Ya, RADIUS is a good idea.  As for upgrading, I wouldn't upgrade to another 3000-series unless it was very cheap, since they are past end-of-life.  (At least the announcement).

And I've actually never seen a 3020, wonder if those got retired earlier..  Could just be random chance though.
0
 

Author Closing Comment

by:Rnetmaster
ID: 31469875
Thanks for your help!!
0

Featured Post

Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question