AnyConnect Essentials Query

Steven Hunt · ‎10-26-2010

Problem Details: Hi there, I have a 5550 ASA running AnyConnect Essentials license. But I
am uncertain how many SSL VPN/AnyConnect sessions it can take.
The Licenses show 5000 Total VPN Peers. But also states 25 SSL VPN Peers. So I am a
little confused and don't want to roll this out to more than 25 people incase they start
getting refused entry.

The output from sh activation-key is:
Licensed features for this platform:
Maximum Physical Interfaces    : Unlimited
Maximum VLANs                  : 250
Inside Hosts                   : Unlimited
Failover                       : Active/Active
VPN-DES                        : Enabled
VPN-3DES-AES                   : Enabled
Security Contexts              : 2
GTP/GPRS                       : Disabled
SSL VPN Peers                  : 25
Total VPN Peers                : 5000
Shared License                 : Disabled
AnyConnect for Mobile          : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials          : Enabled
Advanced Endpoint Assessment   : Disabled
UC Phone Proxy Sessions        : 2
Total UC Proxy Sessions        : 2
Botnet Traffic Filter          : Disabled

Can anyone clear this up for me?

Ronald Nutter · ‎10-26-2010

You are right about what you are thinking. We use AnyConnect as well. Our SSL VPN Peers line reports 750 as that is what we bought the license for.

This is the number of concurrent users. You can have AnyConnect installed on more than the number your license shows but only 25 will be able to connect at a time.

Ron

Steven Hunt · ‎10-26-2010

Ok, makes me then wonder what is the point of the AnyConnect Essentials license then!

Ronald Nutter · ‎10-26-2010

As I understand it (we are going through the licensing process now), you need the AnyConnect Essentials license when you want to

use AnyConnect that recently became available for the iPhone and other soon to be announced mobile devices.

Ron

Yury Makurin · ‎12-03-2010

Ronald, are you sure?

Because here http://www.cisco.com/en/US/docs/security/asa/asa83/license_standalone/license_management/license.html is there information about:

AnyConnect Essentials

This license enables AnyConnect VPN client access to the adaptive security appliance. This license does not support browser-based (clientless) SSL VPN access or Cisco Secure Desktop. For these features, activate an AnyConnect Premium SSL VPN Edition license instead of the AnyConnect Essentials license.

Note With the AnyConnect Essentials license, VPN users can use a Web browser to log in, and download and start (WebLaunch) the AnyConnect client.

So looks like if you have "Essintials", you can go to the web page and client automatically download to your PC and start-up VPN tunnel.

This is reason that I am confused also, what is that - SSL VPN Peers is 25, but Essentials is Enabled.

Anyone knows?

Jason Gervia · ‎12-03-2010

Does this help?

https://supportforums.cisco.com/docs/DOC-13424

"The Anyconnect Essentials is a license that allows you to connect up to your 'Total VPN Peers" platform limit with AnyConnect. Without an AnyConnect Essentials license, you are limited to the 'SSLVPN Peers' limit on your device. "

--Jason

Yury Makurin · ‎12-03-2010

Yes, it is clear now.

So thus I dont need to have web-portal, but just automatically downloaded vpnclient thru web-browser, I dont need to buy $2200 license for 25 SSL VPN Peers, only $300 license for 5000 AnyConnect SSL VPN Peers.

Really good, thanks.

Richard Burts · ‎12-04-2010

I believe that Ron confused the AnyConnect Mobile license, which is required for support of iPhone and other mobile devices, with the AnyConnect Essentials license.

HTH

Rick

HTH

Rick