ā11-24-2013 10:59 PM
Hi all.
Our ASA 5505 with BASE license by default allowing only 10 concurrent vpn sessions (including 2 Anyconnect+IPsec). attached TXT file with license information. this firewal is use only for vpn access, and we have IPSec L2L vpn tunnel, anyconnect, client less SSL vpn and IPSec client access vpn configurations up and running,
we are in plan to upgrade vpn license to archive 10 IPSec and 10 Anyconnect and 1 anyconect mobile VPN sessions at time. so my questions are;
1. can I buy "ASA5500-SSL-10=" license and upgrade our ASA 5505 without buying "L-ASA5505-SEC-PL=" security pus license.
2. Does asa Support to upgrade only SSL Anyconnect vpn license while keeping 10 IPSec vpn comes with base license.
Thanks & waiting you value comments on this
Thanks
JCK
Solved! Go to Solution.
ā11-25-2013 06:34 AM
1. Yes.
2.Yes.
If you want to keep Clientless SSL VPN you do need to continue with adding the ASA5500-SSL-10= part. If you can do without clientless (including coverting the existing two), you can more inexpensively opt for the Security Plus and AnyConnect Essentials licenses. (US$800 vs. $1250 list price).
In either case, Mobile requires the AnyConnect Mobile license (ASA-AC-M-5505).
ā11-25-2013 06:34 AM
1. Yes.
2.Yes.
If you want to keep Clientless SSL VPN you do need to continue with adding the ASA5500-SSL-10= part. If you can do without clientless (including coverting the existing two), you can more inexpensively opt for the Security Plus and AnyConnect Essentials licenses. (US$800 vs. $1250 list price).
In either case, Mobile requires the AnyConnect Mobile license (ASA-AC-M-5505).
ā11-25-2013 01:07 PM
Thank you for the answer,
one last ques; just before finalizing the purchase!,
Current ASA is only for 10 inside hosts. so adding ASA5500-SSL-10 (10 anyconnect) OVER base license (8 IPSec +2 SSL) will increase number of inside hosts!. does't this support by base license?
with L-ASA 55505-SEC-PL= (security plus license) how many IPSec sessions will I get?
or according to you it will be better to buy Security Plus license and 10 anyconnect Essentials license? (without clientliss) as my ultimate requirement to have 10+10 IPSec and anyconnect Sessions max at a time.
Thanks
JCK
ā11-25-2013 02:35 PM
Remote access VPN clients should not count as inside hosts. I didn't have a 5505 to verify this but you should be able to see for yourself by issuing the command "show local-host" on your unit (while remote access VPN sessions are active) and validating the output shows that.
Security Plus, when combined with AnyConnect Essentials, will give you up to 25 concurrent IPsec remote access users.
AnyConnect Essentials is not in itself licensed in numbers - the Essentials feature is either on or off. It cannot coexist with AnyConnect Premium (which includes the clientless SSL). AnyConnect Premium is the one that comes in packs (2 users included with base product, can be upgraded to 10 or 25 users for the 5505).
ā11-26-2013 12:03 AM
Dear Marvin, Thanks for the Advice. Appreciate it.
JCK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide