Solved

Max number of users on a VPN

Posted on 2015-01-08
6
120 Views
Last Modified: 2015-01-08
Hello Experts - I have a Fortinet 90d firewall acting as a VPN endpoint on a 10mb MPLS circuit.  Before we wind up with a snow day I'd like to try and determine how many users I can comfortably get on the VPN.  Could anyone provide an estimate?
0
Comment
Question by:danbrown_
  • 2
  • 2
  • 2
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40538630
The spec sheet says 1,000 client to Gateway IPSec tunnels and 200 Concurrent SSL-VPN Users  (Recommended Maximum).

So I'm going to say 200.

But depending on how fast of a link you have, it be unusable way before you hit 200.
0
 
LVL 11

Expert Comment

by:rharland2009
ID: 40538631
According to Fortigate's own literature, the recommended max is 200.

http://www.fortinet.com/sites/default/files/productdatasheets/FortiGate-90D.pdf
0
 

Author Comment

by:danbrown_
ID: 40538637
I understand the theoretical max, I'm looking for the practical max.  I can assure everyone that there is no way 200 concurrent users are getting on the VPN with a 10mb circuit.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 11

Expert Comment

by:rharland2009
ID: 40538658
Thanks for the assurance. I think we're all in agreement.
IPSEC or SSL?
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 40538659
There are really too many variables to accurately identify how many functional connections you can have.

What I would do is get a VPN session established with the typical usage for the remote clients (whatever that is).  Then monitor the amount of bandwith that connection is using.  With that factored against the connection speed, you should be able to identify an optimal and max number of connections (assuming no other traffic).
0
 

Author Comment

by:danbrown_
ID: 40538672
Its SSL.  Most users will be coming in over the VPN and using remote desktop to connect to their machines here.  There are also a few laptop users who will work directly from the file shares.  

I'll try adding up average use on one connection and go from there, thanks all.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now