Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
379
Views
0
Helpful
5
Replies

Anyconnect Secure Mobilty Client

Mohamed Kabeer S
Level 1
Level 1

‎08-02-2014 11:49 PM - edited ‎02-21-2020 07:45 PM

Hi team,

Now I just Purchase Identical Anyconnect License for my ACtive and Passive ASA 5540 run with the version of 8.2(5).Can you please assist,How to install the license in my firewall.I know the configuration But I need to know which one I need to install first.After installing the license, How I configure anyconnect?

Thanks in advance for your understanding.

Regards,

Mohamed kabeer.S 

Labels:
0 Helpful
5 Replies 5

Dinesh Moudgil
Cisco Employee
Cisco Employee

‎08-03-2014 12:30 AM

Hi Kabeer ,

 

With the license , you get 5 touple activation keys  () . You can enter the command "activation-key" under configuration mode and then enter all the activation key that are provided.
This will activate the SSL VPN license on your box. After installing the activation key , you can configure the anyconnect using this document.

 

Regards,
Dinesh Moudgil

 

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful

Mohamed Kabeer S
Level 1
Level 1
In response to Dinesh Moudgil

‎08-03-2014 01:57 AM

Hi Dinesh,

You are correct it has 5 touple. Here we have active and passive ASA. Which one I need to install first?Can you please explain the steps for active ans passive ASA?

Thanks and Regards,

Mohamed kabeer.S

 

0 Helpful

Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to Mohamed Kabeer S

‎08-03-2014 02:08 AM

Hi Kabeer,

In Version 8.3(1) and later, failover units do not require the same  license on each unit.

Older versions of adaptive security appliance software required that the  licenses match on each unit. Starting with Version 8.3(1), you no  longer need to install identical licenses. Typically, you buy a license  only for the primary unit; for Active/Standby failover, the secondary  unit inherits the primary license when it becomes active. If you have  licenses on both units, they combine into a single running failover  cluster license.

In essence, if you are using 8.3 and above , just add the activation key on primary ASA and this will take care of activating anyconnect VPN on your failover pair.

FYI:-For  the ASA 5505 and 5510 adaptive security appliances, both units require  the Security Plus license; the Base license does not support failover,  so you cannot enable failover on a standby unit that only has the Base  license.

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful

Mohamed Kabeer S
Level 1
Level 1
In response to Dinesh Moudgil

‎08-03-2014 02:15 AM

Hi Dinesh,

Now my device run with version of 8.2(5).I have identical license for both active and passive ASA. Now my question is which one I need to install first.After installation which one I need to reboot first.Can you please explain the steps.

Thanks and Regards,

Mohamed kabeer.S

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Mohamed Kabeer S

‎08-03-2014 11:01 AM

It does not matter which unit's activation key is applied first. An AnyConnect license addition does not require a reload on either unit. See this reference for confirmation and details.

After you have applied the key on each unit, you can then proceed to setup your remote access VPN, working from the active unit. Assuming your failover is healthy, the configuration will automatically synchronize.

One item to note is that any profile (xml file) that you create for AnyConnect users will have to be manually copied from the Active unit to the Standby.

0 Helpful
Customers Also Viewed These Support Documents