question

logographer avatar image
0 Likes"
logographer asked

Can FortiOS be configured to limit the number of IPSec VPN clients?

Aside from the hard-coded embryonic limit that varies by model, if a customer wanted to manually throttle or control the number of IPSec clients that can simultaneously connect to a FortiGate, is there a way to do that? Maybe via an IPSec configuration, a DOS sensor, traffic shaper or anything?

FortiOSIPsec
10 |600

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

·
ldhillon avatar image
0 Likes"
ldhillon answered

Hello,

There is an option to limit the SSL VPN users and dial up VPN tunnels to a maximum number per VDOM.

SSL VPN users and IPsec dialup limits can be defined as follow:

# config global
# config system vdom-property

edit "test_VDOM"
set sslvpn 200
set dialup-tunnel 300
end
end


Ref: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Limiting-the-maximum-number-of-SSL-VPN-users-and/ta-p/194563?externalID=FD48846

10 |600

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Welcome to FortiAnswers

FortiAnswers is the space dedicated to FortiSASE and FortiOS questions and suggestions.

  • Please review the Community guidelines
  • If you are a moderator, please refer to the Moderation guidelines
  • If something in the above guidelines is unclear, please post your question to the Community Feedback space or the Moderators' space