Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 10 user limit


Can anyone explain how the licences are used.

basically if I have 10 hosts connected does this mean they will be fine or does it mean 1 host can have 10 connections to outside addresses and the rest of the hosts cant connect to anything.


Super Bronze

Re: ASA 5505 10 user limit


Here is a quote from Cisco documentation regarding the ASA 5505 Licensing

In routed mode, hosts on the inside  (Business and Home VLANs) count towards the limit when they communicate  with the outside (Internet VLAN), including when the inside initiates a  connection to the outside as well as when the outside initiates a  connection to the inside. Note that even when the outside initiates a  connection to the inside, outside hosts are not counted towards the limit; only the inside hosts count. Hosts that  initiate traffic between Business and Home are also not counted towards  the limit. The interface associated with the default route is considered  to be the outside Internet interface. If there is no default route,  hosts on all interfaces are counted toward the limit. In transparent  mode, the interface with the lowest number of hosts is counted towards  the host limit.

See the  show local-host command to view host limits.


So as you can see, if you for example have a Base License ASA5505 with 3 Vlans (DMZ, Restricted) then you should be able to use 10 hosts behind your LAN and DMZ interfaces in total if they all need to access the Internet behind the WAN link. Host behind the WAN interface are not counted towards the 10 user limit.

Also the command mentioned in the above quote is a great way to keep track of the host limit.

Hope this helps

- Jouni