I have a client that has 2 ASA 5520's setup in Active/Standby, They currently have a requirement for a Secure Clientless portal but for only 20 to 30 users , but also require full VPN access for 300+ concurrent users to use the Anyconnect client. They currently have 50 user Anyconnect Premium licence loaded (25 on the active and 25 onthe Standby), however I see it as an uncessary expense to get additional Premium licences for them to use the Anyconnect client can I not rather purchase the Anyconnect Essentials licence and "unlock" the IPSEC client users (750) and use the Premium and Essential licences together?
Unfortunately the ASA does not support using both the Premium AnyConnect license and the AnyConnect Essentials license both at the same time. It will use one or the other. The only solution that I see that allows you to avoid the expense of more Premium licenses would be to separate the ASAs (remove the failover logic) and run one ASA with Premium licenses and run the other ASA with the AnyConnect Essentials license.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...