Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
378
Views
0
Helpful
2
Replies

ASA5515-K9 ASA5510-SEC-BUN-K9 VPN

Ahmad Khalifa
Level 1
Level 1

‎03-19-2015 12:18 PM

hi i have 10 Firewalls they are in different location all of them are supporting IPsec 250 Sessions 

to implement one into the HQ and the other 9 into the branches can i configure Site-to-Site VPN from each branch connected to the HQ i mean dose these number of Concurrent  connection to the HQ  Firewall covered by the total Number of 250 or i have to have another kind of license to the HQ Firewall.

thanks 

Labels:
0 Helpful
2 Replies 2

Adeolu Owokade
Level 1
Level 1

‎03-20-2015 10:07 PM

I believe you are covered with your current licenses. As you said, they support 250 VPN sessions which is more than enough.

0 Helpful

Karsten Iwen
VIP
VIP

‎03-22-2015 05:52 AM

The actual license includes Site-to-site IPsec and IKEv1 remote access (which is used by the legacy EasyVPN-client). So you are fine with your actual license. Only if you plan to use AnyConnect RA-VPN, then you need additional licenses.

The config will be quite easy if you need pure hub-and-spoke. For spoke-to-spoke-traffic through the hub, it is a little bit more complex. For this scenario you can consult the following document:

https://supportforums.cisco.com/document/12015091/cisco-asa-vpn-spoke-spoke-communication-hub

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents