08-29-2020 01:06 AM - edited 08-29-2020 01:26 AM
Hi, I have some question.
If I have configure Active-Active HA and two GP portals with PA-3260.
e.g. fw1's portal : 111.111.111.111
fw2's portal : 222.222.222.222
(limitation of SSL VPN concurrent user from PA3260: 2048 ssl-tunnels)
When fw1,2 are in operation, can fw support about 2,000 user per one portal?
Or do they share the number of tunnels?
08-31-2020 05:24 PM
Depends on how you have things configured. If you have these configured with Floating IP Addresses then the tunnel information is shared between each unit, but they otherwise will be completely independent of each other.
Just keep in mind that you aren't really getting any additional capacity by going active/active, as if you have a hardware failure you all of the sudden don't have enough capacity for your entire environment if you can't work within the 2048 limit on the 3260s.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
