Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Query on SA2500 and SA4500 setup and handling of users

robinhowy_
New Contributor
‎09-25-2012 02:36:AM
‎09-25-2012 02:36:AM

Query on SA2500 and SA4500 setup and handling of users

Hi, i would hope that someone can help me in this as our company is thinking of addiing a new SA4500 into our environment. Details im not sure why but im tasked to find out whether is it feasible.

 

Our company is currently using 2 x SA2500 (HA clustering with 100 user licenses) setup. Just to verify if say there is this scenario where we are deciding to get a single SA4500 unit into our environment;

 

1) Are we able to get the single SA4500 to work with the SA2500 clusters or can our setup be (SA4500+SA2500)

 

2)If Qn(1) is possible, how will the distribution of concurrent user logins work since both models feature differently with SA4500's ability to handle 1000 concurrent users and SA2500's ability to handle 100 concurrent users?

 

Many Thanks for your support and advice!

Robin

 

0 Kudos
2 REPLIES 2
kalagesan_
Super Contributor
‎09-26-2012 07:37:PM
‎09-26-2012 07:37:PM

Re: Query on SA2500 and SA4500 setup and handling of users

Hi Robin,

 

Cluster in SA is supported only with in the same platform device so SA 2500 and SA4500 cannot be part of  the same cluster.

 

The way forward would be either having 2 SA 4500's in cluster ( where you can buy  250 /250 user licenses on both the SA 4500 based on your requirement. There is no cluster licenses required starting  7.0 release for a node to be part of cluster) . You can find more information about the Licensing information from SA 7.0 admin gude. The URL is given below, page#834

 

http://www.juniper.net/techpubs/software/ive/admin/j-sa-sslvpn-7.0-adminguide.pdf

 

Even though the hardware limit is 1000 users for SA 4500, SA 4500  has also 100/250/500/1000 counts of  user licenses available, you can work with you local Juniper account team or contact Juniper customer care   if you need more information

on licensing.

 

If you don't require cluster, you can also run one standlaone SA 4500 with  250/500/1000 user licenses. Hope the explanation clarifies your query.

 

NOTE:
Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks!!

Regards,
Kannan

 

 

 

0 Kudos
-red-_
Frequent Contributor
‎09-27-2012 05:48:AM
‎09-27-2012 05:48:AM

Re: Query on SA2500 and SA4500 setup and handling of users

As pointed out in the previous post, you cannot technically mix SA hardware platforms. With that said, depending upon what you are trying to accomplish, you may still be able to manage 2 boxes as one cluster, but with few extra steps.

 

You can place the SAs behind an external load balancer, and control connection distribution from there. With regards to propagating the configuration across appliances, you may either manage both via NSM, or use the push config feature to distribute the config from one box to another. Depending upon how frequently you make configuration changes to your appliances, this may become tedious, but is certainly doable. One other thing to consider, if I remember correctly, XML config push used to restart services on the target appliance. Not sure whether this has been addressed recently, but something to keep in mind if you're willing to entertain this idea.

 

Hope this helps.

 

 

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.