Skip to content

Commit 1ac649c

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #222787 from wtnlee/p2saddupdate
added clarifications on limits
2 parents 6646fff + 89e688f commit 1ac649c

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

includes/virtual-wan-user-groups-considerations.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ ms.service: virtual-wan
66
ms.topic: include
77
---
88

9-
- The maximum number of groups that can be referenced by a single Point-to-site VPN Gateway is 90. The maximum number of members in groups assigned to a Gateway is 390. However, if a group is assigned to multiple connection configurations on the same Gateway, this group and its members are counted multiple times towards the limits. For example, if there's a policy group with 10 members that is assigned to three VPN connection configurations on the Gateway. This configuration would count as three groups with 30 total members as opposed to one group with 10 members.
9+
- The maximum number of groups that can be referenced by a single Point-to-site VPN Gateway is 90. The maximum number of policy/group members (criteria used to identify which group a connecting user is a part of) in groups assigned to a Gateway is 390. However, if a group is assigned to multiple connection configurations on the same Gateway, this group and its members are counted multiple times towards the limits. For example, if there's a policy group with 10 members that is assigned to three VPN connection configurations on the Gateway. This configuration would count as three groups with 30 total members as opposed to one group with 10 members. Note that the total number of concurrent users connecting to a gateway is limited by the gateway scale unit and the number of IP addresses allocated to each user group and **not** the number of policy/group members associated to a Gateway.
1010
- Once a group has been created as part of a VPN server configuration, the name and default setting of a group can't be modified.  
1111
- Group names should be distinct.
1212
- Groups that have lower numerical priority are processed prior to groups with higher numerical priority. If a connecting user is a member of multiple groups, the gateway will consider them to be a member of the group with lower numerical priority for purposes of assigning IP addresses.

0 commit comments

Comments
 (0)