VPN Licenses

Answered Question
Jan 15th, 2009

Can someone please explain to me the difference between the user license and IPSec license? When do you need which license? I tried looking for information about this question but seems like there is none.

Correct Answer by Richard Burts about 8 years 1 month ago

Anatoliy


The user license is more related to using the ASA as a firewall and specifies the number of user/hosts on the inside for which it will provide protection. The IPSec licenses are for the ASA as it provides VPN processing.


So you are more concerned with the user license when your deployment of the ASA is for traditional firewall protection. And you are more concerned with IPSec licenses if your deployment of the ASA is to provide IPSec VPNs. And you would be concerned with both types of license if your deployment did both firewall and VPN processing.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Richard Burts Thu, 01/15/2009 - 10:14

Anatoliy


The user license is more related to using the ASA as a firewall and specifies the number of user/hosts on the inside for which it will provide protection. The IPSec licenses are for the ASA as it provides VPN processing.


So you are more concerned with the user license when your deployment of the ASA is for traditional firewall protection. And you are more concerned with IPSec licenses if your deployment of the ASA is to provide IPSec VPNs. And you would be concerned with both types of license if your deployment did both firewall and VPN processing.


HTH


Rick

Richard Burts Thu, 01/15/2009 - 12:59

Anatoliy


I am glad that my response helped to resolve your question. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that a response did resolve the question.


The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum


HTH


Rick

john.wright@kao... Fri, 01/30/2009 - 09:56

Is there a way to see how many IPsec licenses a asa5520 is currently licensed for?

I know it can do 750 but how can we see how many actual licenese we have?

Richard Burts Fri, 01/30/2009 - 13:26

John


If I am understanding your question correctly the answer is shown in the output of show version on the ASA. Here is an extract of the output:

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs : 250

Inside Hosts : Unlimited

Failover : Active/Active

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Security Contexts : 2

GTP/GPRS : Disabled

VPN Peers : 5000

WebVPN Peers : 50


So as you can see this ASA is licensed for 5000 IPSec VPN peers and for 50 SSL VPN peers.


HTH


Rick

Actions

This Discussion