Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

SSL Licensing on ASA with failover

Hello,

General question you all. Cisco licensing says that we have to purchase DOUBLE the amount of licenses we need if we want to run two ASA's in active/standby failover mode. Does that sound right to you all. Can anyone comment if they are purchasing double the amount of licenses they need when they run active/standby failover? Obviously I can't afford the downtime if the primary unit dies to rehost the key.

Thanks.

CK

4 REPLIES

Re: SSL Licensing on ASA with failover

Can't find anything in writing but my instinct is yes, you do need licences on both. I know that if one had a 3DES licence and the other did not, then you would loose 3DES functions if the primary failed. In your case if the primary ASA dies, you still want the secondary to do SSL, so it must have an SSL licence.

You're not buying double the licences, just one licence for each ASA.

Community Member

Re: SSL Licensing on ASA with failover

Thanks, your instincts are correct. I can't even run the failover setup without solving the license conflict first.

Cisco Licensing says I need to buy double the license which doesn't make sense to me. Has anyone ran into this before?

Community Member

Re: SSL Licensing on ASA with failover

My salesperson sold only 1 set of SSLVPN license to the customers. When we install the SSLVPN license. The failover relation broke immediately and prompt a number of warning messages.

Community Member

Re: SSL Licensing on ASA with failover

Were you able to resolve your failover warning messages?

I finally got a response from Cisco made some sense. They said they would only rehost the license to a Cisco RMA sent box. So that means I have no choice to waste the money and buy a duplicate set of license. It sucks.

131
Views
0
Helpful
4
Replies
CreatePlease to create content