Problem Details: Hi there, I have a 5550 ASA running AnyConnect Essentials license. But I am uncertain how many SSL VPN/AnyConnect sessions it can take. The Licenses show 5000 Total VPN Peers. But also states 25 SSL VPN Peers. So I am a little confused and don't want to roll this out to more than 25 people incase they start getting refused entry.
The output from sh activation-key is: Licensed features for this platform: Maximum Physical Interfaces : Unlimited Maximum VLANs : 250 Inside Hosts : Unlimited Failover : Active/Active VPN-DES : Enabled VPN-3DES-AES : Enabled Security Contexts : 2 GTP/GPRS : Disabled SSL VPN Peers : 25 Total VPN Peers : 5000 Shared License : Disabled AnyConnect for Mobile : Disabled AnyConnect for Cisco VPN Phone : Disabled AnyConnect Essentials : Enabled Advanced Endpoint Assessment : Disabled UC Phone Proxy Sessions : 2 Total UC Proxy Sessions : 2 Botnet Traffic Filter : Disabled
This license enables AnyConnect VPN client access to the adaptive security appliance. This license does not support browser-based (clientless) SSL VPN access or Cisco Secure Desktop. For these features, activate an AnyConnect Premium SSL VPN Edition license instead of the AnyConnect Essentials license.
Note With the AnyConnect Essentials license, VPN users can use a Web browser to log in, and download and start (WebLaunch) the AnyConnect client.
So looks like if you have "Essintials", you can go to the web page and client automatically download to your PC and start-up VPN tunnel.
This is reason that I am confused also, what is that - SSL VPN Peers is 25, but Essentials is Enabled.
"The Anyconnect Essentials is a license that allows you to connect up to your 'Total VPN Peers" platform limit with AnyConnect. Without an AnyConnect Essentials license, you are limited to the 'SSLVPN Peers' limit on your device. "
So thus I dont need to have web-portal, but just automatically downloaded vpnclient thru web-browser, I dont need to buy $2200 license for 25 SSL VPN Peers, only $300 license for 5000 AnyConnect SSL VPN Peers.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :