Simultaneous VPN Users on Cisco ASA

A quick-and-dirty post for Cisco ASA Users who have people logging in from different devices – say, a doctor’s office with doctors who might like their tablets, laptops and home computers connected all at once…

Normally, they are are limited to one simultaneous session per username at a time, but you can change this (by the user or by the tunnel policy).

By Username:

test-FW(config)# username example-name password test-password
test-FW(config)# username example-name attributes
test-FW(config-username)# vpn-simultaneous-logins 4
test-FW(config-username)# exit

By Policy:

(Find Policy)
test-FW# show run tunnel-group
tunnel-group SSLAccess type remote-access
tunnel-group SSLAccess general-attributes
 default-group-policy SSLVPN
tunnel-group SSLAccess webvpn-attributes
 group-alias RemoteUsers enable

test-FW# config t
test-FW(config)# group-policy SSLVPN attributes
test-FW(config-group-policy)# vpn-simultaneous-logins 3

Don’t forget to write mem or copy running-config startup-config!