VPN Licenses

Answered Question
Jan 15th, 2009
User Badges:

Can someone please explain to me the difference between the user license and IPSec license? When do you need which license? I tried looking for information about this question but seems like there is none.

Correct Answer by Richard Burts about 8 years 5 months ago

Anatoliy


The user license is more related to using the ASA as a firewall and specifies the number of user/hosts on the inside for which it will provide protection. The IPSec licenses are for the ASA as it provides VPN processing.


So you are more concerned with the user license when your deployment of the ASA is for traditional firewall protection. And you are more concerned with IPSec licenses if your deployment of the ASA is to provide IPSec VPNs. And you would be concerned with both types of license if your deployment did both firewall and VPN processing.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Richard Burts Thu, 01/15/2009 - 10:14
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Anatoliy


The user license is more related to using the ASA as a firewall and specifies the number of user/hosts on the inside for which it will provide protection. The IPSec licenses are for the ASA as it provides VPN processing.


So you are more concerned with the user license when your deployment of the ASA is for traditional firewall protection. And you are more concerned with IPSec licenses if your deployment of the ASA is to provide IPSec VPNs. And you would be concerned with both types of license if your deployment did both firewall and VPN processing.


HTH


Rick

Richard Burts Thu, 01/15/2009 - 12:59
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Anatoliy


I am glad that my response helped to resolve your question. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that a response did resolve the question.


The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum


HTH


Rick

Richard Burts Fri, 01/30/2009 - 13:26
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

John


If I am understanding your question correctly the answer is shown in the output of show version on the ASA. Here is an extract of the output:

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs : 250

Inside Hosts : Unlimited

Failover : Active/Active

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Security Contexts : 2

GTP/GPRS : Disabled

VPN Peers : 5000

WebVPN Peers : 50


So as you can see this ASA is licensed for 5000 IPSec VPN peers and for 50 SSL VPN peers.


HTH


Rick

Actions

This Discussion