Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need to configure two ASAs in active/standby mode

Hello everybody,

My company has bought from Cisco two L-ASA5510-SEC-PL= licenses for two ASAs and I have to configure these two ASAs in active/standby mode for redundancy. During the active/standby configuration wizard I got a message telling that these two ASAs does not have the same number of SSL VPN licenses and the wizard fails.

One ASA has 2 SSL VPN (the default lincenses) licenses and the other ASA has 25 SSL VPN licenses.

Is there any solution for this issue except the one to buy 25 SSL VPN licenses for the first ASA ?

It seems strange, but is there any possibility to decrease the number of SSL VPN linceses for the second ASA ??

Please I need your help.

Thank you and regards,




Re: Need to configure two ASAs in active/standby mode


You can raise a TAC ticket to have them re-issue your activation key -23 SSL licenses, in any kind of failover setup - both devices must be identical in the following:-

The two units in a failover configuration must have the same hardware configuration. They must be the same model, have the same number and types of interfaces, and the same amount of RAM.  On the ASA security appliance platform, at least one of the units must have an unrestricted (UR) license.

The licensed features (such as SSL VPN peers or security contexts) on both security appliances that participate in failover must be identical.

So either by more SSL licenses or downgrade.....all depends on if you are going to SSL at a later date.