I found a 5510 FW laying around in a corner and wanted use it for AnyConnect. Now I'm having a bit of a trouble reasoning what I might need extra to use this. I've looked at http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/license/license_management/license.html#wp2142486 and I'm assuming the only thing I would need is the "AnyConnect Essentials" license, however something is nagging me in the back of my head that says I need a newer software than 8.2.3 (which in turn should require med to change the RAM so I'm up to 1GB). Am I completely out to lunch on this?
Information about the FW
Cisco Adaptive Security Appliance Software Version 8.2(3)Device Manager Version 6.2(5)53Compiled on Fri 06-Aug-10 07:51 by buildersSystem image file is "disk0:/asa823-k8.bin"
Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 64MBBIOS Flash AT49LW080 @ 0xffe00000, 1024KBEncryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0) Boot microcode : CN1000-MC-BOOT-2.00 SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03 IPSec microcode : CNlite-MC-IPSECm-MAIN-2.040: Ext: Ethernet0/0 : address is 0012.d948.f8ae, irq 91: Ext: Ethernet0/1 : address is 0012.d948.f8af, irq 92: Ext: Ethernet0/2 : address is 0012.d948.f8b0, irq 93: Ext: Ethernet0/3 : address is 0012.d948.f8b1, irq 94: Ext: Management0/0 : address is 0012.d948.f8b2, irq 115: Int: Not used : irq 116: Int: Not used : irq 5Licensed features for this platform:Maximum Physical Interfaces : UnlimitedMaximum VLANs : 50Inside Hosts : UnlimitedFailover : DisabledVPN-DES : EnabledVPN-3DES-AES : EnabledSecurity Contexts : 0GTP/GPRS : DisabledSSL VPN Peers : 2Total VPN Peers : 250Shared License : DisabledAnyConnect for Mobile : DisabledAnyConnect for Cisco VPN Phone : DisabledAnyConnect Essentials : DisabledAdvanced Endpoint Assessment : DisabledUC Phone Proxy Sessions : 2Total UC Proxy Sessions : 2Botnet Traffic Filter : DisabledThis platform has a Base license.Serial Number: Running Activation Key: Configuration register is 0x1Configuration last modified by enable_15 at 07:58:14.559 CEDT Fri Jul 4 2014
Anyconnect support is available on ASA with code 8.0 and above so you should be available to use this setup on your current ASA.
So , lets start with the default parameters. The ASA provides you with 2 SSL peers so that you can test the functionality provided by Anyconnect Premium and Anyconnect Essentials. Moving further, there are two types of SSL VPN:- If you wish to use Anyconnect as a client based solution (full tunnel mode) , similar to IPSEC VPN, you can use Anyconnect Essentials. However, if you need all the advance feature of AnyConnect (CSD, host scan, etc.), clientless SSL VPN as well as the AnyConnect full tunnel mode, then you would need to purchase AnyConnect premium license.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...