Outside of license restrictions based on your subscription, there is no hard limit to the number of tunnels you can have.


VNS3 is priced based on virtual network complexity, as defined by a few key requirement parameters.

One of those pricing parameters is how many remote endpoints/tunnels you connect via IPsec VPN.

See our pricing page to see how many tunnels are included with each license type: https://www.cohesive.net/product-pricing

Cohesive can provide license upgrades to allow additional clientpacks, endpoints, tunnels, etc. Email sales@cohesive.net with any requests or inquiries.


The instance or VM size and the allotted CPU, memory and network throughput may limit the number of tunnels you can have and performance of those tunnels, depending on your use-case.

As a rule of thumb, an endpoint uses a bit less than 20MB of memory, and a tunnel uses a bit less than 10MB.

Throughput is limited by CPU, and is not significantly effected by the number of tunnels, except for the expectation that throughput demands grow as tunnels are added.

The thing to remember about VNS3 at scale is that VNS3 controllers can be configured in a true n-mesh.

This means you can distribute your network functions out to many instances or VMs to share load, provide multiple points of presence (POP), and mitigate risk.

Cohesive has customers running over a hundred endpoints with many hundreds of tunnels. Our licenses are based on estimated network size; if you need more endpoints, tunnels or clientpacks we do offer custom pricing.