06-03-2008 02:51 PM - edited 03-11-2019 05:54 AM
Dear all
i have 2 ASAs 5520 , they have VPN plus license . i tried to configure them to support failover feature for the customer network. But when configuring the secondary unit with the faiover configuration and enable the faiover on it , it prompts me that it cannot take the configuarion from the primary device due to something in the license (webvpn peers).The following is "show version" output from the two devices :
Primary-ASA# sh ver
Cisco Adaptive Security Appliance Software Version 7.2(3)
Device Manager Version 5.2(3)
Compiled on Wed 15-Aug-07 16:08 by builders
System image file is "disk0:/asa723-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 5 mins 7 secs
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: GigabitEthernet0/0 : address is 001d.459f.ccc6, irq 9
1: Ext: GigabitEthernet0/1 : address is 001d.459f.ccc7, irq 9
2: Ext: GigabitEthernet0/2 : address is 001d.459f.ccc8, irq 9
3: Ext: GigabitEthernet0/3 : address is 001d.459f.ccc9, irq 9
4: Ext: Management0/0 : address is 001d.459f.ccc5, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
This platform has an ASA 5520 VPN Plus license.
Secondary-ASA# sh ver
Cisco Adaptive Security Appliance Software Version 7.2(3)
Device Manager Version 5.2(3)
Compiled on Wed 15-Aug-07 16:08 by builders
System image file is "disk0:/asa723-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 6 mins 47 secs
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash LHF00L47 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: GigabitEthernet0/0 : address is 001b.d554.6c04, irq 9
1: Ext: GigabitEthernet0/1 : address is 001b.d554.6c05, irq 9
2: Ext: GigabitEthernet0/2 : address is 001b.d554.6c06, irq 9
3: Ext: GigabitEthernet0/3 : address is 001b.d554.6c07, irq 9
4: Ext: Management0/0 : address is 001b.d554.6c03, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 25
This platform has an ASA 5520 VPN Plus license.
what is the license that i need to enable the failover feature on the above devices???
waiting your replies
regards
06-03-2008 06:22 PM
Maybe because there is a mismatch in the WebVPN licenses of the two boxes. One has a 25 user license installed, whereas the other has the default free users (two).
Regards
Farrukh
06-03-2008 10:14 PM
Dear farrukh
Thanks for your reply , what i can do to solve this issue?
The ASA that has few webvpn peers needs another license or not???
thanks
06-03-2008 10:56 PM
I could only locate the following on the Cisco Website:
"Both units have the same hardware, software configuration, and *proper* license."
It would be best to approach your local SE or if you work for a Cisco Partner, the Partner Online pre-sales help Team.
Regards
Farrukh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide