Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1399
Views
0
Helpful
3
Replies

any connect plus and apex license

ashish.saxena1
Level 1
Level 1

‎12-16-2016 09:19 PM

Hi All

I am little bit confused. I am using cisco asa 5525x series firewall i.e. running on Cisco Adaptive Security Appliance Software Version 9.1(5)
Device Manager Version 7.1(3). By default it is showing 2 any connect premium peers (what is it mean).

my questions are:

1. On the basis of 2 (default) any connect preimum license. Can I perform the configuration of cisco any connect plus client base ? as In my environment total number of users are 100 those use VPN servies. and concurrent users are 10 to 15. if I will do the configuration then how many users will be able to access vpn services in the by default 2 license?

2. Let me know the procedure of purchasing the license. is it based on total number of users (in my environment total number of users are 100) or total number of concurrent users (total number of concurrent users are 10 to 15) ?? Please suggest.

3. I want to configure client base VPN in my firewall. my users use window 7, 8, 8.1 and 10. if I will install plus license. then it will support the VPN for all windows? (already shared my asa version and asdm version in starting).

for your reference I am sharing the show version of my firewall

Cisco Adaptive Security Appliance Software Version 9.1(5)
Device Manager Version 7.1(3)

Compiled on Thu 27-Mar-14 10:19 PDT by builders
System image file is "disk0:/asa915-smp-k8.bin"
Config file at boot was "startup-config"

KCO-ASA-Vodafone up 28 days 1 hour

Hardware: ASA5525, 8192 MB RAM, CPU Lynnfield 2393 MHz, 1 CPU (4 cores)
ASA: 4096 MB RAM, 1 CPU (1 core)
Internal ATA Compact Flash, 8192MB
BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB

Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x1)
Boot microcode : CNPx-MC-BOOT-2.00
SSL/IKE microcode : CNPx-MC-SSL-PLUS-T020
IPSec microcode : CNPx-MC-IPSEC-MAIN-0026
Number of accelerators: 1
Baseboard Management Controller (revision 0x1) Firmware Version: 2.4


0: Int: Internal-Data0/0 : address is d46d.50cf.2ded, irq 11
1: Ext: GigabitEthernet0/0 : address is d46d.50cf.2df2, irq 5
<--- More ---> 2: Ext: GigabitEthernet0/1 : address is d46d.50cf.2dee, irq 5
3: Ext: GigabitEthernet0/2 : address is d46d.50cf.2df3, irq 10
4: Ext: GigabitEthernet0/3 : address is d46d.50cf.2def, irq 10
5: Ext: GigabitEthernet0/4 : address is d46d.50cf.2df4, irq 5
6: Ext: GigabitEthernet0/5 : address is d46d.50cf.2df0, irq 5
7: Ext: GigabitEthernet0/6 : address is d46d.50cf.2df5, irq 10
8: Ext: GigabitEthernet0/7 : address is d46d.50cf.2df1, irq 10
9: Int: Internal-Data0/1 : address is 0000.0001.0002, irq 0
10: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 0
11: Int: Internal-Data0/2 : address is 0000.0001.0003, irq 0
12: Ext: Management0/0 : address is d46d.50cf.2ded, irq 0

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 750 perpetual
<--- More ---> Total VPN Peers : 750 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
IPS Module : Disabled perpetual
Cluster : Enabled perpetual
Cluster Members : 2 perpetual

This platform has an ASA5525 VPN Premium license.

Serial Number: FCH18427JR8
Running Permanent Activation Key: 0x1917e250 0x4cd351ae 0x09711170 0xcdd44c38 0x8e3de889
Configuration register is 0x1
Configuration last modified by enable_15 at 10:11:56.504 UTC Fri Dec 9 2016

I will be very thankful to you. Please help.

Regards

Ashish

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-17-2016 04:15 AM

Answer to Q1: 2 licenses that are included by default means exactly that - only two concurrent users. If a third user tries to connect while two are already connected, the connection will not be allowed.

Answer to Q2: AnyConnect is currently licensed per unique user. So if you have 100 unique users, you need 100 AnyConnect licenses. Uers may have multiple simultaneous devices though (PC, phone, tablet etc.) and their additional devices do not count against that license total. (Note Cisco does not currently enforce the number of unique users in software - it is an agreement you make when accepting the End User License Agreement at license installation time.

Answer to Q3: It is the AnyConnect version that governs the supported client OS more so than the ASA and ASDM images. For best results, use the latest AnyConnect image (currently 4.4.00243). It will support all the Windows versions you asked about.

Also please refer to this FAQ for many more details on AnyConnect licensing: http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200191-AnyConnect-Licensing-Frequently-Asked-Qu.html

0 Helpful

ashish.saxena1
Level 1
Level 1
In response to Marvin Rhoads

‎12-21-2016 08:54 PM

Hi Marvin

Thank you for reply.

let me know by default I have 2 license of any connect premium peers. and In my environment there are 70 VPN users and concurrent users are 5 to 8. 

1. So Please tell me I need to purchase 70 license for vpn users or 8 license for concurrent users ?? because I do not know purchasing of license is based on no. of users or concurrent users.

2. I want to configure any connect vpn that should be authenticated through LADP. is it possible ? I am using 9.3 version in my firewall. 

PID: cisco asa 5525 x.

Hope for an early revert.!!!!!!

Regards

Ashish

0 Helpful

Farhan Mohamed
Cisco Employee
Cisco Employee
In response to ashish.saxena1

‎12-22-2016 07:25 AM

2 licenses that are included by default means exactly that - only two concurrent users. If a third user tries to connect while two are already connected, the connection will not be allowed.

AnyConnect is currently licensed per unique user. So if you have 100 unique users, you need 100 AnyConnect licenses. Uers may have multiple simultaneous devices though (PC, phone, tablet etc.) and their additional devices do not count against that license total. (Note Cisco does not currently enforce the number of unique users in software - it is an agreement you make when accepting the End User License Agreement at license installation time.

1. Yes.

2. Yes It is possible

For more details please refer:
http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mob...

0 Helpful
Customers Also Viewed These Support Documents