Solved

Max number of users on a VPN

Posted on 2015-01-08
6
139 Views
Last Modified: 2015-01-08
Hello Experts - I have a Fortinet 90d firewall acting as a VPN endpoint on a 10mb MPLS circuit.  Before we wind up with a snow day I'd like to try and determine how many users I can comfortably get on the VPN.  Could anyone provide an estimate?
0
Comment
Question by:danbrown_
  • 2
  • 2
  • 2
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40538630
The spec sheet says 1,000 client to Gateway IPSec tunnels and 200 Concurrent SSL-VPN Users  (Recommended Maximum).

So I'm going to say 200.

But depending on how fast of a link you have, it be unusable way before you hit 200.
0
 
LVL 11

Expert Comment

by:rharland2009
ID: 40538631
According to Fortigate's own literature, the recommended max is 200.

http://www.fortinet.com/sites/default/files/productdatasheets/FortiGate-90D.pdf
0
 

Author Comment

by:danbrown_
ID: 40538637
I understand the theoretical max, I'm looking for the practical max.  I can assure everyone that there is no way 200 concurrent users are getting on the VPN with a 10mb circuit.
0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 11

Expert Comment

by:rharland2009
ID: 40538658
Thanks for the assurance. I think we're all in agreement.
IPSEC or SSL?
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 40538659
There are really too many variables to accurately identify how many functional connections you can have.

What I would do is get a VPN session established with the typical usage for the remote clients (whatever that is).  Then monitor the amount of bandwith that connection is using.  With that factored against the connection speed, you should be able to identify an optimal and max number of connections (assuming no other traffic).
0
 

Author Comment

by:danbrown_
ID: 40538672
Its SSL.  Most users will be coming in over the VPN and using remote desktop to connect to their machines here.  There are also a few laptop users who will work directly from the file shares.  

I'll try adding up average use on one connection and go from there, thanks all.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times where you would like to have access to information that is only available from a different network. This network could be down the hall, or across country. If each of the network sites have access to the internet, you can create a ne…
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question