Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Platinum

SMB w/h many remote access users

Guys, shall I expect any problems on a 1470 appliance with around 70 concurrent remote access users ?

Due to that Coronavirus outbreak people from my company are likely to start working remotely next week and I want to know in advance if I am going to have issues with that 😀

Not asking if it is going to be slow or fast but if there will be instability issues? I am on latest JHF.

15 Replies
Highlighted

hmm..i've never gone higher then 5 or 6 active users on mine. I've moved to a 1550.

 

[Expert@remotespike]# egrep -i aes /proc/cpuinfo
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 cpuid
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 cpuid
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 cpuid
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 cpuid
[Expert@remotespike]#

0 Kudos
Highlighted

Just a thought.. spin up a VM, 30 day license point them there worst case. Service base nat to get access to it in case you only have 1 IP.

Who doesn't have a xeon monster laying around no longer eating electricity?

 

Father! The sleeper has awoken!

 

.. ok completely wrong ref but it sounds cool.

Highlighted
Platinum

Yeah, I must say I am tempted 🙂 But let's see what will happen next week when there will be many monkeys on the tree...

0 Kudos
Highlighted
Employee+
Employee+

I feel 70 users is a bit too much for 1400 machine

from there other hand, if you don't have something else to put over there, I guess you will need to give it a try.

please update, I am sure this would be a very common challenge for most of us in the near future 

Highlighted
Platinum

Hmm, stupid me. I have a cluster of 2x1470 appliances and I can do DNS load-balancing with round-robin algorithm to distribute users to both of them. Need to test it more thoroughly but seems to work fine so far...

I will let you know more on Monday. Today Bulgaria declared state of emergency and our employees are going to work from home. 😔

0 Kudos
Highlighted

I'm not sure extra cores would help with vpn traffic... but.. on the off chance it does.. maybe checkpoint could unlock the other 2 cores? My 1430 seems to be a 4 core arm with 2 cores disabled at the kernel level.

0 Kudos
Highlighted
Platinum

My plain miserably failed because after some investigation it seems like standby node is routing remote access users to active one.

Btw, 1470 has 3 or 4 cores unlocked but it is not possible to unlock the 4th one at all.

I wish my 3600 appliance was here already. It comes with 5 users license but I hope CheckPoint will come up with some CPSB-SSLVPN-COVID19 license that will temporarily remove this limit 😁

Anyway, I will see what happens on Monday. Have some ideas... Worst case I may disable HTTPS Inspection. Ohhh, desperate times - desperate measures 😉

0 Kudos
Highlighted

This is super off topic, but how about a pic from Bulgaria? I never been close. It would be cool to see from a local rep. 😄

0 Kudos
Highlighted
Platinum

One pic is difficult to express entire country but here is a short YT video I like:

https://www.youtube.com/watch?v=N1-Jmq7BLFE

0 Kudos
Highlighted

cool vid.. i'll keep that in mind for my next helicopter tour for sure. What is the Colosseum? That looked pretty amazing.

Wasn't saying a single pic that encompassed everything, just like a here is a local pic. I'm in miaimi beach and besides pending doom we have a lot of kids on holiday in town. I'll take a pic later tonight to give you an idea.

 

Maybe we should move this to a OT area? 😄

 

OT Thread.. send a local pic from where ever you are!

0 Kudos
Highlighted
Platinum

@John_Fleming There is more info about that Colosseum:

https://en.wikipedia.org/wiki/Plovdiv_Roman_Stadium

I'd love to see pics from where you are so I am totally fine with thread about that if community admins would permit it.

0 Kudos
Highlighted
Admin
Admin

I guess I should create an Off-Topic board for this purpose: https://community.checkpoint.com/t5/Off-Topic/bd-p/off-topic
I'll have to add it to the menu structure so people can find it (under the "More" menu).
Highlighted
Platinum

Well, 48 users so far... absolutely no problem in handling them... load is same as usual.

0 Kudos
Highlighted
Admin
Admin

From a license perspective, according to the datasheet, the 1470 supports 200.
You're covered there at least.
I suspect 70 users should work ok, assuming you have enough bandwidth to support all the users.

In terms of evaluations for Mobile Access Blade on our appliances, we've been giving out extended evaluation licenses for it on request.
0 Kudos
Highlighted
Platinum

Almost all users are using RDP to access virtual machines in our DC so I think not much bandwidth will be needed for that.

0 Kudos