11-29-2012 01:57 PM - edited 03-11-2019 05:30 PM
Dear All,
We have a single ASA 5510 with version 7.2 (3) in our network and configured many IPSEC site to site, IPSEC - remote access vpn and webvpn with SSL. Everything is working well.
ASA-5510# sh ver
Cisco Adaptive Security Appliance Software Version 7.2(3)
Device Manager Version 5.2(2)
Compiled on Wed 15-Aug-07 16:08 by builders
System image file is "disk0:/asa723-k8.bin"
Config file at boot was "startup-config"
ASA-5510-1 up 86 days 11 hours
Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: Ethernet0/0 : address is 0027.0d38.034e, irq 9
1: Ext: Ethernet0/1 : address is 0027.0d38.034f, irq 9
2: Ext: Ethernet0/2 : address is 0027.0d38.0350, irq 9
3: Ext: Ethernet0/3 : address is 0027.0d38.0351, irq 9
4: Ext: Management0/0 : address is 0027.0d38.0352, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 100
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 250
WebVPN Peers : 25
This platform has an ASA 5510 Security Plus license.
===============================================================================================
As business improves we are now planning to upgrade our ASA 5510 to ASA 5520 ( 02 nos ver 8.2(5). With the new ASA 5520 we would be planning to buy Any connect vpn license as well.
Finally we will need on the ASA 5520 IPSEC site to site vpn, IPSEC - remote access vpn , clientless vpn with SSL & Any connect vpn license. What are the licences should i purchase inorder to have all the above services on the box with version 8.2(5) ?
suppose if i need to have cisco desktop software which is the license i should have along with other services?
Thanks in advance
Solved! Go to Solution.
12-03-2012 12:34 PM
Hello,
You are good to go..
AnyConnect Premium Peers : 50
AnyConnect Essentials : Disabled
They will work.
Remember to rate all of the helpful posts
11-29-2012 02:12 PM
In order to have both SSL anyconnect clients and clientless SSL you should go for the anyconnect premium license.
Here is a brief description of this license:
These licenses are unrestricted and allow for client-based and client-less VPNs along with some advanced security features like Endpoint Assessments and Remote Host Scans. The AnyConnect Premium scheme is tiered. So the licensing starts at the 2 the ASA comes with. You can then upgrade to 10, 25, 50, 100, 250, etc... until you reach the box max.
You will also be able to maintain your L2L tunnels.
Julio
11-29-2012 02:24 PM
Thanks for the response.
Meanwhile with the AnyConnect Essentials VPN License i hope i can run all the above services(IPSEC site to site vpn, IPSEC - remote access vpn , SSL anyconnect clients ) except clientless SSL vpn and cisco desktop software. please clarrify thanks
11-29-2012 03:01 PM
Hello,
Exactly You got it...
Regards,
12-03-2012 06:48 AM
Dears,
I got the following licence is being applied in the system now. Following is the Sh ver from the device. I hope i can configure Any connect client and clientless SSL on the system now. Please verify and update thanksss.
Failover : Enabled
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
AnyConnect Premium Peers : 50
Other VPN Peers : 750
Advanced Endpoint Assessment : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
Shared License : Disabled
UC Phone Proxy Sessions : Default
Total UC Proxy Sessions : Default
AnyConnect Essentials : Enabled
Botnet Traffic Filter : Disabled
Intercompany Media Engine : Disabled
12-03-2012 07:07 AM
These two entries indicate the license is installed.
AnyConnect Premium Peers : 50
AnyConnect Essentials : Enabled
12-03-2012 07:31 AM
Hello,
Please share
show run webvpn,
Regards
12-03-2012 10:20 AM
I am just away from office .. Will provide same tomorrow...
Meanwhile "L-ASA-SSL-50=ASA 5500 SSL VPN 50 Premium User License" this is the licence i have procured from cisco. I would need
both Anyconnect vpn & SSL clientless should be working on the system. Hope i would acheive with the above license.
Below is the output i got when generated the Licence key. please clarrify. thanks in advance
Failover : Enabled
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
AnyConnect Premium Peers : 50
Other VPN Peers : 750
Advanced Endpoint Assessment : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
Shared License : Disabled
UC Phone Proxy Sessions : Default
Total UC Proxy Sessions : Default
AnyConnect Essentials : Disabled
Botnet Traffic Filter : Disabled
Intercompany Media Engine : Disabled
12-03-2012 12:34 PM
Hello,
You are good to go..
AnyConnect Premium Peers : 50
AnyConnect Essentials : Disabled
They will work.
Remember to rate all of the helpful posts
12-03-2012 08:23 PM
Thanks
In future hope i can get Cisco desktop software & Anyconnect mobile licence and get it run on this platform..pl response
12-03-2012 10:21 PM
Hello,
Yes, that is possible
Regards,
Julio
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: