What SSG model for 55 IPSEC Tunnels?

Posted on 2013-02-02
Last Modified: 2013-02-03
I have 54 branch offices and need each one to VPN to a central location.  Would an SSG140 work for this?  Could it also handle logging for the VPN traffic?
Question by:dhuff2012
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 11

Expert Comment

ID: 38847905
In terms of number of sessions, yes.

under the specifications tab the maximum number of concurrent sessions is 48,000.

Author Comment

ID: 38847953
Would this also be scalable for up to 200 VPN's?
LVL 11

Expert Comment

ID: 38847973
Yes, assuming that the total amount of bandwidth is within the limits of the box.
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

LVL 11

Expert Comment

ID: 38847977
The max vpn tunnels is 500 so 200 is not a problem.
LVL 11

Expert Comment

ID: 38847981
I just noticed the logging part of your question.  It does support some logging and monitoring.  But if you want to get more sophisticated it can use a syslog server.
LVL 70

Accepted Solution

Qlemo earned 500 total points
ID: 38848438
The SSG140 will work if you do not want or need to use route-based VPN (versus policy-based). It allows for 50 (static) tunnel interfaces only (the 500 are concurrent VPN tunnels, which are the sum of all route- and policy-based VPNs active at the same time).

In most cases you will use policy-based VPNs, but there are some scenarios you'll need tunnel interfaces, e.g. if you want to use one tunnel for non-consecutive target network addresses.

In regard of logging you will probably want to set up a syslog server, as recommended already, unless you are interested in traffic stats only (not sessions).

Author Closing Comment

ID: 38848928
Thank you.  That was the exact info I needed.

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question