Clientless VPN error message "Can not create user session. Max-capacity reached. Contact system administrator."

Clientless VPN error message "Can not create user session. Max-capacity reached. Contact system administrator."

10211
Created On 12/15/19 16:21 PM - Last Modified 06/25/21 22:51 PM


Symptom


When users try to connect to the Clientless VPN portal, the Error message "Can not create user session. Max-capacity reached. Contact system administrator." is displayed.

Environment


  • Palo Alto Firewall
  • PAN-OS 8.1 and above
  • GlobalProtect Clientless VPN Configured

Cause


When the maximum number of configured users who can log into the portal at the same time is reached, additional Clientless VPN users cannot log in to the portal.

Resolution


Configure the firewall to all the maximum number of users who can connect to the Clientless VPN at the same time.
This can be done at GUI: Network > GlobalProtect > Portal >  Clientless VPN  > General > Max User
  • If no value is specified, then endpoint capacity is assumed.
  • If the endpoint capacity is unknown, then a capacity of 50 users is assumed.
  • When the maximum number of users is reached, additional Clientless VPN users cannot log in to the portal.
Note: The  maximum number of concurrent users varies by platform 

Additional Information


Configuring Clientless VPN
PAN-155053 - Fixed in PAN-OS.9.1.7
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNqhCAG&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language