We have a Cisco ASA 5520 with the VPN PLus License and 8.04 IOS installed, we want to set up vpn access to our users. We can use the cisco VPN client which works on WIndows Platform, but we also have MAC OS 10.7 which works only with Cisco Anyconnect.
I am a little bit lost with all the client and the license, actually we can't setup more than 2 vpn session with an Anyconnect client installed on MAC or Windows. The authentication is by Certificate, the first two connect fine, but the third one don't connect and prompt for a username / password.
I joined a SH VER of my ASA, if anyome can tell me what is wrong on the license or perhaps it's a configuration problem?
Thanks a lot for the answer.
fw-eps-02# sh ver
Cisco Adaptive Security Appliance Software Version 8.0(4) Device Manager Version 6.4(1)
Compiled on Thu 07-Aug-08 20:53 by builders System image file is "disk0:/asa804-k8.bin" Config file at boot was "startup-config"
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0) Boot microcode : CN1000-MC-BOOT-2.00 SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03 IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05 0: Ext: GigabitEthernet0/0 : address is c84c.75da.9a58, irq 9 1: Ext: GigabitEthernet0/1 : address is c84c.75da.9a59, irq 9 2: Ext: GigabitEthernet0/2 : address is c84c.75da.9a5a, irq 9 3: Ext: GigabitEthernet0/3 : address is c84c.75da.9a5b, irq 9 4: Ext: Management0/0 : address is c84c.75da.9a5c, irq 11 5: Int: Not used : irq 11 6: Int: Not used : irq 5
Licensed features for this platform: Maximum Physical Interfaces : Unlimited Maximum VLANs : 150 Inside Hosts : Unlimited Failover : Active/Active VPN-DES : Enabled VPN-3DES-AES : Enabled Security Contexts : 2 GTP/GPRS : Disabled VPN Peers : 750 WebVPN Peers : 2 AnyConnect for Mobile : Disabled AnyConnect for Linksys phone : Disabled Advanced Endpoint Assessment : Disabled UC Proxy Sessions : 2
This platform has an ASA 5520 VPN Plus license.
Serial Number: JMX1433L0Y3 Running Activation Key: 0x3a17c153 0x8c141630 0xe0f3b5d4 0x86044ccc 0x47193392 Configuration register is 0x40 (will be 0x1 at next reload) Configuration last modified by mgeffroy at 15:33:11.409 CEST Mon Jan 23 2012 fw-eps-02#
Thanks for your quick answer, I thought the VPN license was enough to use le Anyconnect client. I'm going to search the right license to use anyconnect client as we already deploy the client on each platform.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...