Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2437
Views
0
Helpful
9
Replies

Shared License Server / AnyConnect Mobile

kcopping
Level 1
Level 1

‎02-05-2013 08:22 AM - edited ‎03-11-2019 05:56 PM

I have a pair of 5540's with Premiun and AnyConnect Mobile licenses, we purchased a pair of ASA 5545X and configured Shared Licensing, the client sees the license server and carried over the Premium Licenses, the probelm is it will not share /carry over the AnyConnect Mobile licenses.

Any feedback is greatly appreciated.

5540 - License Server

Licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual

Maximum VLANs                  : 200            perpetual

Inside Hosts                   : Unlimited      perpetual

Failover                       : Active/Active  perpetual

VPN-DES                        : Enabled        perpetual

VPN-3DES-AES                   : Enabled        perpetual

Security Contexts              : 2              perpetual

GTP/GPRS                       : Disabled       perpetual

SSL VPN Peers                  : 2              perpetual

Total VPN Peers                : 5000           perpetual

Shared License                 : Enabled        perpetual

  Shared SSL VPN Peers         : 500            perpetual

AnyConnect for Mobile          : Enabled        perpetual

AnyConnect for Cisco VPN Phone : Disabled       perpetual

AnyConnect Essentials          : Disabled       perpetual

Advanced Endpoint Assessment   : Disabled       perpetual

UC Phone Proxy Sessions        : 50             perpetual

Total UC Proxy Sessions        : 50             perpetual

Botnet Traffic Filter          : Disabled       perpetual

Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5540 VPN Premium license.

This platform is a shared license server.

Failover cluster licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual

Maximum VLANs                  : 200            perpetual

Inside Hosts                   : Unlimited      perpetual

Failover                       : Active/Active  perpetual

VPN-DES                        : Enabled        perpetual

VPN-3DES-AES                   : Enabled        perpetual

Security Contexts              : 4              perpetual

GTP/GPRS                       : Disabled       perpetual

SSL VPN Peers                  : 4              perpetual

Total VPN Peers                : 5000           perpetual

Shared License                 : Enabled        perpetual

  Shared SSL VPN Peers         : 500            perpetual

AnyConnect for Mobile          : Enabled        perpetual

AnyConnect for Cisco VPN Phone : Disabled       perpetual

AnyConnect Essentials          : Disabled       perpetual

Advanced Endpoint Assessment   : Disabled       perpetual

UC Phone Proxy Sessions        : 52             perpetual

Total UC Proxy Sessions        : 52             perpetual

Botnet Traffic Filter          : Disabled       perpetual

Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5540 VPN Premium license.

ASA5545X Devices

Corp-VPN1# show vpn-sessiondb license-summary

---------------------------------------------------------------------------

VPN Licenses and Configured Limits Summary                                

---------------------------------------------------------------------------

                                     Status : Capacity : Installed :  Limit

                                  -----------------------------------------

AnyConnect Premium               :  ENABLED :     2500 :         2 :   NONE

AnyConnect Essentials            : DISABLED :     2500 :         0 :   NONE

Other VPN (Available by Default) :  ENABLED :     2500 :      2500 :   NONE

Shared License Server            : DISABLED

Shared License Participant       :  ENABLED

AnyConnect for Mobile            : DISABLED(Requires Premium or Essentials)

Advanced Endpoint Assessment     : DISABLED(Requires Premium)

VPN-3DES-AES                     :  ENABLED

VPN-DES                          :  ENABLED

AnyConnect for Cisco VPN Phone   : DISABLED

---------------------------------------------------------------------------

---------------------------------------------------------------------------

VPN Licenses Usage Summary                                                

---------------------------------------------------------------------------

                          Local : Shared :   All  :   Peak :  Eff.  :     

                         In Use : In Use : In Use : In Use :  Limit : Usage

                       ----------------------------------------------------

AnyConnect Premium     :      0 :      0 :      0 :      2 :      2 :    0%

  AnyConnect Client    :                 :      0 :      1          :    0%

    AnyConnect Mobile  :                 :      0 :      0          :    0%

  Clientless VPN       :                 :      0 :      1          :    0%

Other VPN              :                 :      0 :      0 :   2500 :    0%

  Cisco VPN Client/    :                 :      0 :      0          :    0%

  L2TP Clients

  Site-to-Site VPN     :                 :      0 :      0          :    0%

---------------------------------------------------------------------------

---------------------------------------------------------------------------

Shared License Network Summary                                            

---------------------------------------------------------------------------

AnyConnect Premium                                                        

  Total shared licenses in network                              :       500

  Shared licenses held by this participant                      :         0

  Shared licenses held by all participants in the network       :         0

---------------------------------------------------------------------------

Labels:
0 Helpful
9 Replies 9

Jennifer Halim
Cisco Employee
Cisco Employee

‎02-05-2013 09:30 PM

Shared license only shares the AnyConnect user license, not the feature license of AnyConnect Mobile.

As AnyConnect Mobile is a feature license (enable or disable state, doesn't have number of user count for AnyConnect Mobile license), hence it can't be shared.

0 Helpful

kcopping
Level 1
Level 1
In response to Jennifer Halim

‎02-12-2013 04:02 PM

Thank you for the information. I ordered this product ->

L-ASA-AC-M-5545= AnyConnect Mobile - ASA 5545-X (req. Essentials or Premium)   

The problem is after I installed the license and reboot it removed my 3DES capability, it also disbled the abiliby to do license sharing(this is a client).  Why would this be removed when I already had it active and just trying to enable AnyConnect mobile functionalilty. See new show ver below, Help!

Licensed features for this platform:

Maximum Physical Interfaces       : Unlimited      perpetual

Maximum VLANs                     : 300            perpetual

Inside Hosts                      : Unlimited      perpetual

Failover                          : Active/Active  perpetual

VPN-DES                           : Enabled        perpetual

VPN-3DES-AES                      : Disabled       perpetual

Security Contexts                 : 2              perpetual

GTP/GPRS                          : Disabled       perpetual

AnyConnect Premium Peers          : 2              perpetual

AnyConnect Essentials             : Disabled       perpetual

Other VPN Peers                   : 2500           perpetual

Total VPN Peers                   : 2500           perpetual

Shared License                    : Disabled       perpetual

AnyConnect for Mobile             : Enabled        perpetual

AnyConnect for Cisco VPN Phone    : Disabled       perpetual

Advanced Endpoint Assessment      : Disabled       perpetual

UC Phone Proxy Sessions           : 2              perpetual

Total UC Proxy Sessions           : 2              perpetual

Botnet Traffic Filter             : Disabled       perpetual

Intercompany Media Engine         : Disabled       perpetual

IPS Module                        : Disabled       perpetual

This platform has an ASA5545 VPN Premium license.

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to kcopping

‎02-12-2013 05:11 PM

I would suggest that you contact licensing@cisco.com, so they can cut you the activation key that includes all the feature that you have purchased and required.

Include a copy of "show version" and also feature that you need so the correct activation key that includes all can be provided.

0 Helpful

kcopping
Level 1
Level 1
In response to Jennifer Halim

‎02-12-2013 05:23 PM

Thank you for the advice. I will do that, let me ask. Is there different versions of the AnyConnect Mobile license (DES /3DES)?

Why would it disable my license sharing ability?

Now I cannot use a web browser going to https://ASA-IP-ADDRESS, it will not let me open a Secure SSL Connection. Or use the Windows Anyconnect client to reach this device.

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to kcopping

‎02-12-2013 05:27 PM

No, there is no different version of AC Mobile. The reason why it disable is because when you do the activation online, it doesn't incorporate that you already have 3DES activation key enabled, so it only cuts you the activation key for the AC Mobile license, instead of everything that you have enabled before. That is why the existing license that you already have got disable.

If you still have a copy of the "show version" prior to enabling the AC Mobile license, then you can re-apply the activation key and it will get you back to what you have before you apply the AC Mobile license.

Then you can contact licensing@cisco.com to cut you the activation key that includes all the license that you have purchased.

0 Helpful

kcopping
Level 1
Level 1
In response to Jennifer Halim

‎02-12-2013 05:51 PM

Thank you so much for all the useful information you are providing. I would have never thought a simple license like AnyConnect Mobile would have cause that.

I did not obatin a copy of the show ver prior to the ASA reboot.  I have a 2nd identical ASA device (both ordered at the same time) that I am configuring as 2 seperate VPN endpoints.  I have only reboot one device, the other has the new license installed but is not active as I have not rebooted it yet.  I tried to run this command on the device I have not rebooted but received this message -> This is a permanent activation key and cannot be deactivated.

Regards,

K-

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to kcopping

‎02-12-2013 06:02 PM

If you haven't rebooted it, i would suggest that you don't so the new license doesn't get applied yet, and it will continue to use the old license.

Once you obtain the new activation key from licensing team, then reboot it, apply the new key, and reboot it again. Then the new license key will be applied.

You will need to reboot for the following license upgrade/downgrade:

http://www.cisco.com/en/US/docs/security/asa/asa84/license/license_management/license.html#wp1488199

0 Helpful

kcopping
Level 1
Level 1
In response to Jennifer Halim

‎02-12-2013 07:14 PM

The Licensing Team sent me a like to re-activate 3DES on my device. However it did not activate the shared license capability I had previously.  I emailed the licensing team again, hopefully they will be able to resolve this also. 

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to kcopping

‎02-12-2013 07:16 PM

Tell them what feature you have purchased and ask them to activate all of those.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card