Hi, We have ASA 5516-x firewalls deployed, and we are planning to provide AnyConnect VPN access to more employees but we are not sure about the right license to purchase to achieve our goal. The current licensed features of the firewalls are: Maximum Physical Interfaces : Unlimited perpetual Maximum VLANs : 150 perpetual Inside Hosts : Unlimited perpetual Failover : Active/Active perpetual Encryption-DES : Enabled perpetual Encryption-3DES-AES : Enabled perpetual Security Contexts : 2 perpetual Carrier : Disabled perpetual AnyConnect Premium Peers : 4 perpetual AnyConnect Essentials : Disabled perpetual Other VPN Peers : 300 perpetual Total VPN Peers : 300 perpetual AnyConnect for Mobile : Disabled perpetual AnyConnect for Cisco VPN Phone : Disabled perpetual Advanced Endpoint Assessment : Disabled perpetual Shared License : Disabled perpetual Total TLS Proxy Sessions : 1000 perpetual Botnet Traffic Filter : Disabled perpetual Cluster : Enabled perpetual Cluster Members : 2 perpetual VPN Load Balancing : Enabled perpetual We configured the firewall so the VPN users are added/deleted on our Active Directory server not on the ASA itself, and we would like to keep it that way. We also need to be able to have the capability to provide the VPN connectivity for 50 users at any moment. So we need help getting answers for the following questions: If we would decide to go for VPN Only license option, what would be the right product name of the license? If we would decide to go for the other option, should we go for AnyConnect Plus License or AnyConnect Apex License? And in this case, how would this license work with the Active Directory? Also, the list of users that would be granted a VPN access is not a fixed one; so, we would need to add/delete users all the time. Is this would be possible if we go for AnyConnect Plus or Apex Licenses that provide access to specific number of unique users? Thanks in advance.
... View more