Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Failover 5505 Basic License

Guys,

I have 2 ASAs, I have my own lab at home and One of the ASAs is sitting here doing nothing. Question..

Can I configure failover with basic license?

Any other idea that I can use it? I have done few projects, and I would like to use it on something else.

Any idea that comes to your guys mind? would be more than welcome to receive it.

Regards,


Sent from Cisco Technical Support iPhone App

2 ACCEPTED SOLUTIONS

Accepted Solutions
Super Bronze

Failover 5505 Basic License

Hi,

ASA5505 to my understanding doesnt support Failover with Base License.

Here is a link to a software version 8.3 section of licensing for ASA5505

http://www.cisco.com/en/US/docs/security/asa/asa83/license_standalone/license_management/license.html#wp1450337

I am not sure what you are looking for specifically? Just some ideas what to use it for just so it doesnt sit there unused?

Maybe you can try out something like

  • Transparent Firewall = if you need to learn how it operates.
  • VPN Firewall = Use the ASA as a separate firewall for VPN connectivity like IPsec Client, SSL Client or Clientless SSL testing. You could even configure L2L VPN between this ASA and your current ASA5505 if you need to test something related to that. You could perhaps also use it as a entry point to your network if the main firewall would happen to fail.
  • Testing Firewall = Use it as a testing firewall to test configurations changes like NAT. I use an ASA5505 at home to test different setups people ask about here on the forums

If you had a licensed 5510 or a basic 5520 then you could probably even test Multiple Context mode.

Naturally also some of testing you could do is limited depending on whether you have a service contract for the ASA to get updated softwares for it.

- Jouni

New Member

Failover 5505 Basic License

Hi,

Donate for charety. lol

Upgrade it, because with basic license you cant use failover. And even in Sec Plus license you can´t do stateful failover. Wich means, every time that a equipment of the peer fails all connection have to reestart again.

Take care,

AS

5 REPLIES
Super Bronze

Failover 5505 Basic License

Hi,

ASA5505 to my understanding doesnt support Failover with Base License.

Here is a link to a software version 8.3 section of licensing for ASA5505

http://www.cisco.com/en/US/docs/security/asa/asa83/license_standalone/license_management/license.html#wp1450337

I am not sure what you are looking for specifically? Just some ideas what to use it for just so it doesnt sit there unused?

Maybe you can try out something like

  • Transparent Firewall = if you need to learn how it operates.
  • VPN Firewall = Use the ASA as a separate firewall for VPN connectivity like IPsec Client, SSL Client or Clientless SSL testing. You could even configure L2L VPN between this ASA and your current ASA5505 if you need to test something related to that. You could perhaps also use it as a entry point to your network if the main firewall would happen to fail.
  • Testing Firewall = Use it as a testing firewall to test configurations changes like NAT. I use an ASA5505 at home to test different setups people ask about here on the forums

If you had a licensed 5510 or a basic 5520 then you could probably even test Multiple Context mode.

Naturally also some of testing you could do is limited depending on whether you have a service contract for the ASA to get updated softwares for it.

- Jouni

New Member

Failover 5505 Basic License

Jouni,

We posted awnser in the same minute man....

Funny coincidence .lol

AS

New Member

Failover 5505 Basic License

Hi,

Donate for charety. lol

Upgrade it, because with basic license you cant use failover. And even in Sec Plus license you can´t do stateful failover. Wich means, every time that a equipment of the peer fails all connection have to reestart again.

Take care,

AS

New Member

Failover 5505 Basic License

I havent tried the transparent mode. Let's see how that goes.

Than you guys for your comments.

I will figure some things out with it.

Thanks,

Oscar.

Silver

Failover 5505 Basic License

You can check if it supports failover or not by default using show activiation-key details which should provide you with this output Failover : Disabled how ever if it supports failover , it should show something like that Failover : Active/Active perpetual

---

Posted by WebUser Marwan Hassan from Cisco Support Community App

153
Views
0
Helpful
5
Replies