10-16-2007 01:09 PM - edited 03-11-2019 04:26 AM
Hi,
We are going to buy ASA 5505 firewall for our SMB office. In the product specification is said, there are licenses needed for VPN and SSL.
I am a bit confused. Why I need VPN and SSL for firewall? When we run our web server the SSL certificate is on the server. Also for remote access we will have available licenses when we buy Citrix. How is the firewall VPN/SSL licensing involved in this? Do wee need those additional modules?
Thanks for help,
Lubomir
10-16-2007 03:29 PM
The licensing for SSL is for SSL VPN. It has nothing to do with running SSL on your webserver.
10-16-2007 04:48 PM
Thanks.
Could you please explain in more detail what is difference between VPN established by using a software like Citrix and VPN offered by a firewall?
10-17-2007 08:55 AM
The datasheets are a bit confusing. Cisco has a feature called SSL VPN available on the ASAs. This feature allows you to setup browser based VPN termation through SSL web sessions directly to the firewall. To use this feature you have to have SSL VPN user licenses. (It comes with 2 licenses normally I think)
You do not need any additional licensing for VPN client users that are going to use the Cisco VPN client, or even Microsoft PPTP.
If you're primarly going to use Citrix as your remote access solution, then you may not even need to configure any VPN settings on the firewall, but rather just allow access through the firewall to the Citrix box and let it do all the encryption as needed via SSL and ICA.
10-17-2007 09:52 AM
ASA also has a Citrix Plugin for the Clientless SSL VPN.
10-17-2007 10:09 AM
Thank you for explanation.
Regards,
Lubomir
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: