06-03-2008 02:51 PM - edited 03-11-2019 05:54 AM
Dear all
i have 2 ASAs 5520 , they have VPN plus license . i tried to configure them to support failover feature for the customer network. But when configuring the secondary unit with the faiover configuration and enable the faiover on it , it prompts me that it cannot take the configuarion from the primary device due to something in the license (webvpn peers).The following is "show version" output from the two devices :
Primary-ASA# sh ver
Cisco Adaptive Security Appliance Software Version 7.2(3)
Device Manager Version 5.2(3)
Compiled on Wed 15-Aug-07 16:08 by builders
System image file is "disk0:/asa723-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 5 mins 7 secs
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: GigabitEthernet0/0 : address is 001d.459f.ccc6, irq 9
1: Ext: GigabitEthernet0/1 : address is 001d.459f.ccc7, irq 9
2: Ext: GigabitEthernet0/2 : address is 001d.459f.ccc8, irq 9
3: Ext: GigabitEthernet0/3 : address is 001d.459f.ccc9, irq 9
4: Ext: Management0/0 : address is 001d.459f.ccc5, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
This platform has an ASA 5520 VPN Plus license.
Secondary-ASA# sh ver
Cisco Adaptive Security Appliance Software Version 7.2(3)
Device Manager Version 5.2(3)
Compiled on Wed 15-Aug-07 16:08 by builders
System image file is "disk0:/asa723-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 6 mins 47 secs
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash LHF00L47 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: GigabitEthernet0/0 : address is 001b.d554.6c04, irq 9
1: Ext: GigabitEthernet0/1 : address is 001b.d554.6c05, irq 9
2: Ext: GigabitEthernet0/2 : address is 001b.d554.6c06, irq 9
3: Ext: GigabitEthernet0/3 : address is 001b.d554.6c07, irq 9
4: Ext: Management0/0 : address is 001b.d554.6c03, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 25
This platform has an ASA 5520 VPN Plus license.
what is the license that i need to enable the failover feature on the above devices???
waiting your replies
regards
06-03-2008 06:22 PM
Maybe because there is a mismatch in the WebVPN licenses of the two boxes. One has a 25 user license installed, whereas the other has the default free users (two).
Regards
Farrukh
06-03-2008 10:14 PM
Dear farrukh
Thanks for your reply , what i can do to solve this issue?
The ASA that has few webvpn peers needs another license or not???
thanks
06-03-2008 10:56 PM
I could only locate the following on the Cisco Website:
"Both units have the same hardware, software configuration, and *proper* license."
It would be best to approach your local SE or if you work for a Cisco Partner, the Partner Online pre-sales help Team.
Regards
Farrukh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: