AnyConnect Essentials license

Peter Boerjesson · ‎07-04-2014

Hi,

I found a 5510 FW laying around in a corner and wanted use it for AnyConnect. Now I'm having a bit of a trouble reasoning what I might need extra to use this. I've looked at http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/license/license_management/license.html#wp2142486 and I'm assuming the only thing I would need is the "AnyConnect Essentials" license, however something is nagging me in the back of my head that says I need a newer software than 8.2.3 (which in turn should require med to change the RAM so I'm up to 1GB). Am I completely out to lunch on this?

Information about the FW

Cisco Adaptive Security Appliance Software Version 8.2(3)

Device Manager Version 6.2(5)53



Compiled on Fri 06-Aug-10 07:51 by builders

System image file is "disk0:/asa823-k8.bin"

Hardware:   ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz



Internal ATA Compact Flash, 64MB

BIOS Flash AT49LW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

                             Boot microcode   : CN1000-MC-BOOT-2.00

                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.04



0: Ext: Ethernet0/0         : address is 0012.d948.f8ae, irq 9

1: Ext: Ethernet0/1         : address is 0012.d948.f8af, irq 9

2: Ext: Ethernet0/2         : address is 0012.d948.f8b0, irq 9

3: Ext: Ethernet0/3         : address is 0012.d948.f8b1, irq 9

4: Ext: Management0/0       : address is 0012.d948.f8b2, irq 11

5: Int: Not used            : irq 11

6: Int: Not used            : irq 5



Licensed features for this platform:

Maximum Physical Interfaces    : Unlimited

Maximum VLANs                  : 50

Inside Hosts                   : Unlimited

Failover                       : Disabled

VPN-DES                        : Enabled

VPN-3DES-AES                   : Enabled

Security Contexts              : 0

GTP/GPRS                       : Disabled

SSL VPN Peers                  : 2

Total VPN Peers                : 250

Shared License                 : Disabled

AnyConnect for Mobile          : Disabled

AnyConnect for Cisco VPN Phone : Disabled

AnyConnect Essentials          : Disabled

Advanced Endpoint Assessment   : Disabled

UC Phone Proxy Sessions        : 2

Total UC Proxy Sessions        : 2

Botnet Traffic Filter          : Disabled



This platform has a Base license.



Serial Number: 

Running Activation Key: 

Configuration register is 0x1

Configuration last modified by enable_15 at 07:58:14.559 CEDT Fri Jul 4 2014

Dinesh Moudgil · ‎07-04-2014

Hi ,

Anyconnect support is available on ASA with code 8.0 and above so you should be available to use this setup on your current ASA.

So , lets start with the default parameters. The ASA provides you with 2 SSL peers so that you can test the functionality provided by Anyconnect Premium and Anyconnect Essentials.
Moving further, there are two types of SSL VPN:-
If you wish to use Anyconnect as a client based solution (full tunnel mode) , similar to IPSEC VPN, you can use Anyconnect Essentials.
However, if you need all the advance feature of AnyConnect (CSD, host scan, etc.), clientless SSL VPN as well as the AnyConnect full tunnel mode, then you would need to purchase AnyConnect premium license.

That is , either you can purchase Anyconnect Premium or Anyconnect Essentials license according to the requirements.
Here is a link for your reference:-
http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/prod_brochure0900aecd80402e39.html

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/