ASA/Switch Configuration

I have a cable modem, Cisco 5505 ASA, Cisco 24 port switch, and an Asus AC66U router in my configuration. I have the configuration set up with one subnet for my main network and the ASUS router set up for the guest network. I am using the ASUS router for both wired/wireless connectivity and trying to run it through the ASA/switch by establishing two subnets. My issue is that I lose all connectivity for both subnets after several minutes when I bounce my system and cannot figure out where the conflict is. I have 12 ports assigned to one subnet and 12 ports to the other so that I can change between them by changing the patch cable on my patch panel, depending on which subnet I want/need. My skill level is a beginner, but I need help troubleshooting this problem. I don’t expect technical assistance because it would be too difficult for me to explain my thought process in this configuration. I know what I want but don’t have a good way to describe what that is. Are there any YouTube videos (I am a visual learner) that anyone knows of that can help me work through these issues and that would address my configuration?

Hello,

Can you post a topology of your setup and possibly the configurations of the FW and switch?

Also, when you say “bounce the system”, what exactly are you bouncing?

Res,

Paul



Does this ASA5505 have the standard license or does it have the Plus license? The standard license limits the number of devices that can be connected and processed. I wonder if the original poster is running into this limitation. The output of show version would help to clarify this.

HTH

Rick

I inherited the 5505ASA from the church that I provide technical support for. I replaced it with a Cisco 5506X. I attempted to license the 5506X on the Cisco website, but it was too confusing to me and I was not able to satisfactorily register the unit.

I want to be able to VPN into it, but I lost the ability to VPN using the Cisco vpnclient-win-msi-5.0.07.0290-k9 using IPsec that I had been using for the past several years. Windows 10 put an end to that for me. I have not been able to get anyone to help me understand how I can acquire a Cisco AnyConnect client and what it would cost me for a single user license. My thought was that by licensing the 5506X that it may come with the registration?

The version is:

Cisco Adaptive Security Appliance Software Version 8.4(4)1
Device Manager Version 6.4(9)

Compiled on Thu 14-Jun-12 11:20 by builders
System image file is "disk0:/asa844-1-k8.bin"
Config file at boot was "startup-config"

Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
Inside Hosts : Unlimited perpetual
Failover : Disabled perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 10 perpetual
Total VPN Peers : 12 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual

This platform has a Base license.

I was able to work my way through the issue and now I can switch subnets by patching into the different ports on the switch without losing internet connectivity. I still don't think it's 100%, but manageable. By bouncing the system, I meant that I power-cycled all components. This is all new to me and as noted earlier, my skill level is at a very basic level and I am not sure that I could communicate the current set-up & configurations intelligently without subjecting myself to condescension by people that know so much more than I do.

Hello,

Your remaining problem is connection to the ASA with a Windows 10 based AnyConnect client? What message do you get when you try to connect?

Post the full configuration of the ASA so we can check if the required components for VPN access are there...

Where can I get the AnyConnect client software to install on my laptop? Is there a cost associated with it?


Richard . . .

Richard

I am glad that you were able to successfully resolve your original problem. There are a couple of ways to get the AnyConnect client for your laptop. Whether there is a charge depends on how you get the client. The most common way to get the AnyConnect client on your laptop is to connect to a VPN headend that is configured for AnyConnect. The headend would load the AnyConnect client to your laptop and there is no charge for this.

It is also possible to download a copy of the AnyConnect client from the Cisco web site and manually load the client on your laptop. But to do this you must have an active support contract with Cisco and there is a charge for that.

HTH

Rick

Thanks Rick -

As soon as I figure out what a "VPN headend" is and how to connect to one, I will be in business :-0)

I have been able to modify Windows 10 registry to allow me to continue using the old Cisco Systems VPN Client 5.0.07.0290 for the time being. The problem with that is every time there is a major Windows update installed, the registry values change and I have to repair the program installation to get the correct value (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CVirtA) back before I can modify it.

Thank you very much for your help - you have been very helpful.

Richard . . .

Richard

I am glad that my responses have been helpful. The VPN headend would typically be an ASA (or sometimes a Cisco router) configured to support AnyConnect. In your case I believe that your 5505 will be the head end. And to configure it for AnyConnect (and to download the AnyConnect modules) you will need a maintenance contract. So we are pretty much back to the point in my previous response that you will need to obtain a maintenance agreement from Cisco.

There is another potential cost to consider. The AnyConnect VPN client is a licensed feature (its license is separate from the Base license on the ASA or maintenance contract that you might have/get for your ASA). Cisco provides a two seat license which is intended to allow you to experiment with AnyConnect and to get some experience with it before you put it into production.

From the output previously in this discussion we find:

AnyConnect Premium Peers : 2 perpetual

So you could have two people using AnyConnect for this ASA. If this VPN client is just for your use (which sort of seems to be the case based on what we know so far) then it may be sufficient. But if you might intend to have more than two people using AnyConnect VPN then you would need an AnyConnect license in addition to the ASA maintenance agreement that you will need.

HTH

Rick
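
The license check discussed in this thread, as an added example that is not part of any poster's reply: a small Python parser for the "Licensed features" block of `show version`, used to read off the license tier, the inside-host limit and the AnyConnect seat count. The function names `parse_license` and `anyconnect_capacity` are hypothetical, and the sample input is constructed from a subset of the output quoted above.

```python
import re

# Constructed sample: a subset of the license lines quoted earlier in this thread.
SHOW_VERSION = """\
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Inside Hosts : Unlimited perpetual
VPN-3DES-AES : Enabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 10 perpetual
Total VPN Peers : 12 perpetual

This platform has a Base license.
"""

def parse_license(text):
    """Return ({feature: value}, tier) from ASA 'show version' text."""
    features, tier, in_block = {}, None, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Licensed features for this platform"):
            in_block = True
            continue
        tier_match = re.match(r"This platform has an? (.+?) license", line)
        if tier_match:
            tier, in_block = tier_match.group(1), False
            continue
        if in_block and ":" in line:
            name, _, value = line.partition(":")
            # Drop the trailing duration column when present.
            features[name.strip()] = re.sub(r"\s+perpetual$", "", value.strip())
    return features, tier

def anyconnect_capacity(features, planned_users):
    """Compare planned concurrent AnyConnect users with the licensed seats."""
    raw = features.get("AnyConnect Premium Peers", "0")
    seats = int(raw) if raw.isdigit() else 0
    return planned_users <= seats, seats

if __name__ == "__main__":
    feats, tier = parse_license(SHOW_VERSION)
    print("License tier:", tier)
    print("Inside Hosts:", feats.get("Inside Hosts"))
    for users in (1, 3):
        ok, seats = anyconnect_capacity(feats, users)
        print(f"{users} user(s) vs {seats} seat(s):", "fits" if ok else "needs more licenses")
```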
