10-11-2013 07:32 AM - edited 02-21-2020 07:13 PM
After configuring the anyconnect vpn on asa 5505 with base license I have got following error message:
3 | Oct 11 2013 | 14:15:02 | Local: Remote: Username:Unknown An IKEv2 remote access connection failed. Attempting to use an NSA Suite B crypto algorithm (ECDH group) without an AnyConnect Premium license. |
Under following link I found a reference to that message:
"NGE requires an AnyConnect premium license for IKEv2 remote access connections using NSA Suite B algorithms. Suite B algorithm usage for other connections or purposes (such as PKI) has no limitations. License checks are performed for remote access connections. If you receive a message that you are attempting to use an NSA Suite B crypto algorithm without an AnyConnect premium license, you have the option to either install the premium license or reconfigure the crypto settings to an appropriate level."
From "show version" command I can that the platform is licensed for 2 anyconnect Premium Peers:
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
Inside Hosts : 10 perpetual
Failover : Disabled perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 10 perpetual
Total VPN Peers : 12 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Disabled perpetual
I'm running ASA software version 9.1.2.
I have had a look at the ccw and there is no option of adding any additional premium licensing as far as I can tell.
Did anyone experience that issue?
Any help/suggestions are much appreciated.
Kind Regards,
--
Paul Preston
Proxar IT Ltd. Registered in England and Wales: 6744401- VAT: 942985479
Tubs Hill House, London Road, Sevenoaks, Kent, TN13 1BL
Tel: (+44) 0844 809 4335
Fax: (+44) 01732 468 574
Mob: (+44) 077 9509 3450
Web: www.proxar.co.uk
Email: paul.preston@proxar.co.uk
10-11-2013 12:57 PM
Hi Paul,
search for the following SKU: L-ASA-SSL
Patrick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide