I have a ASA 5505 with base 50-user license deployed for a 15 people branch office. But recently ASA started to block internal host since license reached MAX 50.
I did show local-host on ASA and then manually filtered output in spreadsheet and there are only about 20 individual internal IP addresses.
According to Cisco,
In routed mode, hosts on the inside (Business and Home VLANs) count towards the limit when they communicate with the outside (Internet VLAN), including when the inside initiates a connection to the outside as well as when the outside initiates a connection to the inside. Note that even when the outside initiates a connection to the inside, outside hosts are not counted towards the limit; only the inside hosts count. Hosts that initiate traffic between Business and Home are also not counted towards the limit. The interface associated with the default route is considered to be the outside Internet interface. If there is no default route, hosts on all interfaces are counted toward the limit. In transparent mode, the interface with the lowest number of hosts is counted towards the host limit. See the show local-host command to view host limits.
So individual internal IP address will be counted against license on ASA, right? Then where are the other 30 hosts? The ASA is running 8.2(5).
The 8.0 code only means that is the code that it has been reported in...doesn't necessarily mean that it is not found in the 8.2 code...but since you are not doing hairpinning this bug doesn't relate to your issue anyway.
Do your users connect their mobile phones and Tabs to the network as well? How many printers, servers, and any other none user devices connect to the network?
Please remember to select a correct answer and rate
Please remember to rate and select a correct answer
Digged deeper and manually filter again with output from show local brief connection, it shows about pretty much all the IP from DHCP pool are there... Either the ASA is crazy or there is a device exhausting dhcp pool internally, I think...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...