In order to upgrade the standard 2 user SSL license to 50, do I have to purchase an SSL license for both the active and failover ASA, essentially doubling my cost? I bought one license and loaded it into the active unit and obviously now it wont go into failover mode because the 2 units dont match now. If you have to purchase a license for both, that certainly makes it rediculously expensive to upgrade any license in a failover.
Although it is not recommended in failover deployment there is VPN Flex licensing , where you may use temp license in the standby when becomes active . it sounds tediousto keep track of timed base licenses but it may help if money is an object in purchasing additional 50 SSL lic for the standby . Im not ware of the cost difererces when using flex license compared with permanent lic.
Prior to the release of 8.3 code, the failover feature looked at the member ASAs to ensure that the licensing matched. With 8.3, only one unit needs a valid license. If one ASA has a 50 user persistent license and then other has the default of 2 users, the total that the HA pair could support is 52. Remember that in order to upgrade to 8.3, each platform has strict memory requirements many of which will require a memory upgrade.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :