Cisco
300-730 · Question #167
300-730 Question #167: Real Exam Question with Answer & Explanation
The correct answer is A: Allocate additional Cisco AnyConnect Premium licenses to the ASA.. Only 2 users can connect simultaneously because the ASA's SSL VPN license limits concurrent sessions, requiring additional AnyConnect Premium licenses to support all 10 employees.
Troubleshooting VPNs
Question
A clientless SSLVPN solution is built for 10 employees on a newly installed Cisco ASA. After a couple of days in production, it has been observed that only the first two users to log in each day are able to connect successfully. The remaining users encounter the message "Login failed". Which action resolves this issue?
Options
- AAllocate additional Cisco AnyConnect Premium licenses to the ASA.
- BIncrease the vpn-simultaneous-logins parameter to a value of more than 2.
- CIncrease the number or IP addresses available in the VPN pool.
- DVerify that the users that cannot log in are in the correct AD group with VPN permissions.
Explanation
Only 2 users can connect simultaneously because the ASA's SSL VPN license limits concurrent sessions, requiring additional AnyConnect Premium licenses to support all 10 employees.
Common mistakes.
- B. The vpn-simultaneous-logins group policy attribute controls per-user login limits but cannot exceed the platform's licensed SSL VPN session count, so increasing it alone would not resolve the issue.
- C. An IP address pool applies to full-tunnel AnyConnect connections that require an assigned IP address, not to clientless SSL VPN sessions which do not consume pool addresses.
- D. AD group membership issues would cause authentication failures for specific users regardless of login order, not a pattern where only the first two logins each day succeed.
Concept tested. Cisco ASA SSL VPN concurrent session licensing limits
Topics
#clientless SSLVPN#AnyConnect Premium license#concurrent sessions#login failure
Community Discussion
No community discussion yet for this question.