10-29-2010 06:17 AM - edited 03-11-2019 12:02 PM
Hi everybody,
We've recently adquired an ASA 5505 with a base license, but we realised that we needed trunking and we upgradeded to Secury Plus (ASA5510-SEC-BUN-K9) by adquiring a ASA5505-SEC-PL. Now we have trunking but other trouble has appeared.
Connections from inside and dmz to outside became intermittent and it seems that the limit of 10 hosts inside is the cause.
Does anyone know if a Security Plus license has a 10 host inside limitation? A show version indicates it:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : 10
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 25
WebVPN Peers : 2
Dual ISPs : Enabled
VLAN Trunk Ports : 8
Is there a problem with the activation process or Base license + ASA5505-SEC-PL implies 10 hosts? How can we upgrade to a Unlimited or 50 hosts inside?
Thank you in advance.
Regards,
David
10-29-2010 06:27 AM
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/license.html#wp1330679
According to the above link security plus shows 50 hosts or unlimitted.
-KS
10-29-2010 06:35 AM
Ok, I understand there are diferent Security Plus licenses (10, 50 and unlimitted) but I can't find how the change or upgrade from one to another:
When we ordered a Security Plus there isn't a way to choose which one:
Base Plus
Users, concurrent3 | 104 | Optional licenses: | 104 | Optional licenses: | ||||||||
50 | Unlimited | 50 | Unlimited | |||||||||
Anyone knows?
10-29-2010 06:50 AM
I believe you need this.
Cisco ASA 5505 50-User Bundle includes 8-port Fast Ethernet switch, 10 IPsec VPN peers, 2 Premium VPN peers, 3DES/AES license
ASA5505-50-BUN-K9
the part number is listed here under "Ordering Information":
-KS
10-29-2010 11:57 PM
ASA5505-50-BUN-K9 is not the correct part. The poster needs an upgrade license, not a new firewall.
10-29-2010 11:54 PM
In addition to your Sec Plus license upgrade, you will need to obtain a new license to upgrade the number of users. For example, ASA5505-SW-10-UL will upgrade users from 10 to unlimited.
See this post from last year https://supportforums.cisco.com/thread/1001856
For reference, these are the eDelivery and physical delivery SKUs for the various ASA5505 upgrades:
ASA 5505 10-to-50 User upgrade software license
L-ASA5505-10-50=
ASA5505-SW-10-50=
ASA 5505 10-to-Unlimited User upgrade software license
L-ASA5505-10-UL=
ASA5505-SW-10-UL=
ASA 5505 50-to-Unlimited User upgrade software license
L-ASA5505-50-UL=
ASA5505-SW-50-UL=
ASA5505Sec.PlusLic.w/HA,DMZ, VLAN trunk, more conns.
L-ASA5505-SEC-PL=
ASA5505-SEC-PL=
10-30-2010 10:53 AM
Thank you very much!
I think this is what I need. Just a last question: if I upgrade from ASA5505-SEC-PL to L-ASA5505-10-50 or L-ASA5505-10-UL I will not lose the VLAN trunking, Won't I? I know this can seems a stupid question but it would be terrible to lose this feature. I use this appliance is a costumer which is using 2 VLANs (ToIP and data) so I need trunking. And I need a DMZ as well and there are about 20 hosts and 10 servers in inside.
Thank you again.
Regards,
David
10-30-2010 11:02 AM
They are two separate licenses. You will end up with either a 50 or unlimited user security plus license depening on which you go for. Your VLAN trunking will be fine!
This is the output from what was originally a basic 10 user ASA 5505 which has had both the Sec Plus and unlimited user upgrade licenses applied:
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 20 DMZ Unrestricted
Dual ISPs : Enabled perpetual
VLAN Trunk Ports : 8 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Standby perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
SSL VPN Peers : 2 perpetual
Total VPN Peers : 25 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
AnyConnect Essentials : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
This platform has an ASA 5505 Security Plus license.
11-02-2010 12:31 AM
Thank you, I think that't it. I going to order the upgrade to 50 users and I'll post the result.
Regards,
David
11-05-2010 12:59 AM
Hi everybody,
I've just upgraded my 5505 from 10 users to unlimited with L-ASA5505-10-UL:
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 25
WebVPN Peers : 2
Dual ISPs : Enabled
VLAN Trunk Ports : 8
Now I have to reconnect the appliance in my customer's LAN, but I'm quite sure it works fine.
Thank you everybody.
Kind regards,
David
11-08-2010 07:59 AM
Hi,
I've just instaled the appliance and it works fine! Thank you very much for your help!
Kind regards,
David
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide