Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2192
Views
0
Helpful
4
Replies

ISE and AnyConnect APEX License

Go to solution
gaigl
Level 3
Level 3

‎07-01-2020 04:07 AM

Hello,

 

Question about Licensing:

we've a Firepower 2120 and 2000 APEX Licenses for the Users.

And we've a ISE 2.4. with a Base 100 License (for WLAN Radius Auth)

 

Now we want to establish an Accounting of the AnyConnect-Clients of the Firepower to the ISE.

Can I import the Anyconnect APEX License to the ISE, or can I just establish the Acoounting?

I guess the ISE will create Messages about over-consumption of the Base-License, or can I ignore this because we have the License?

I don't want to make any Posture or NAM, this happens on the Firepower.

 

thanks for Advice

 

Karl

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎07-01-2020 05:21 AM

Can I import the Anyconnect APEX License to the ISE, or can I just establish the Acoounting?
-You can enable/establish accounting to track concurrent endpoints on the network. The AnyConnect Apex licenses do not get consumed in ISE, and you are unable to track consumption of them with ISE. AnyConnect Apex Licenses in relation to ISE features are essentially a 'right-to-use'.
I guess the ISE will create Messages about over-consumption of the Base-License, or can I ignore this because we have the License?
-Enabling accounting will allow you to track any/all ISE session based license consumption in ISE and generate alarms should you exceed your limit.
See this link for more detail: https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_0110.html
HTH!

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎07-01-2020 05:21 AM

Can I import the Anyconnect APEX License to the ISE, or can I just establish the Acoounting?
-You can enable/establish accounting to track concurrent endpoints on the network. The AnyConnect Apex licenses do not get consumed in ISE, and you are unable to track consumption of them with ISE. AnyConnect Apex Licenses in relation to ISE features are essentially a 'right-to-use'.
I guess the ISE will create Messages about over-consumption of the Base-License, or can I ignore this because we have the License?
-Enabling accounting will allow you to track any/all ISE session based license consumption in ISE and generate alarms should you exceed your limit.
See this link for more detail: https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_0110.html
HTH!
0 Helpful

Go to solution
gaigl
Level 3
Level 3
In response to Mike.Cifelli

‎07-01-2020 05:43 AM

Thank you Mike,

 

just to get it right:

I can establish the Accounting, when there are about 500 concurrent VPN-Connections and about 70 WIFI Connections, witout License Violation?

0 Helpful

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni
In response to gaigl

‎07-01-2020 05:56 AM

I can establish the Accounting, when there are about 500 concurrent VPN-Connections and about 70 WIFI Connections, witout License Violation?
-Based on info you provided, yes. Once properly setup you can track ISE licensing via Administration->System->Licensing. Cheers!
0 Helpful

Go to solution
gaigl
Level 3
Level 3
In response to Mike.Cifelli

‎07-02-2020 03:29 AM

Thank you Mike

0 Helpful
Customers Also Viewed These Support Documents