07-22-2015 04:05 AM
Hello,
we've a got an ASA5510 active/standby cluster with a Security Plus license for 50 Anyconnect Premium Peers, but after 2 active connections, I've got a "login failed" with the message on the ASA: "Session could not be established: session limit of 2 reached."
with a "sh activation-key detail" I get (only parts):
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 50 perpetual
This platform has an ASA 5510 Security Plus license.
...
AnyConnect Premium Peers : 52 perpetual
...
This platform has an ASA 5510 Security Plus license.
...
The flash permanent activation key is the SAME as the running permanent key.
Any ideas, how to solve?
thanks
Karl
07-22-2015 05:40 AM
Update:
Now I updated the ASA's from 9.0.4 to 9.1(6)6 but them same problem.
Karl
07-22-2015 05:48 AM
does a show ver include this as well :
AnyConnect Essentials : Enabled
07-22-2015 05:51 AM
Hi jan,
no, it's disabled.
do Ineed this also? Do I need another License?
thanks
Karl
07-22-2015 06:05 AM
Thats fine, you don't need essentials, it was just to check that it wasn't enabled, because then you premium licenses wouldn't be in use. I seem to recall that there is somewhere that you select if you wan't to use essentials or premium license, but i can't remember it right now, let me check and i will get back to you later.
07-22-2015 06:07 AM
Maybe try this :
By default, the ASA uses the AnyConnect Essentials license, but you can disable it to use other licenses by using the no anyconnect-essentials command or in ASDM, using the Configuration > Remote Access VPN > Network (Client) Access > Advanced > AnyConnect Essentials pane.
07-22-2015 06:16 AM
in CLI: "/act/pri(config-webvpn)# no anyconnect-essentials
ERROR: Command requires AnyConnect Essentials license
in ASDM there is no AnyConnect Essentials Pane
07-23-2015 04:04 AM
Now I've got it:
Under "Remote Access VPN -> Advanced" there's an item: Maximum VPN Sessions, I have to put in the 50 or more sessions.
blame on me!
Karl
edit:
in CLI: vpn-sessiondb max-anyconnect-premium-or-essentials-limit 52
07-22-2015 06:21 AM
With advanced encryption on the ASA5510 you get two premium licenses. But your license is for 52. This is for IPSEC with AnyConnect. Essentials is for SSL VPN. If you want to use the premium license with AnyConnect you have to disable as indicated above the essentials licenses. So far I just repeated everyone else.
Do both ASA devices have the same license? And do you have this in your config:
webvpn
no anyconnect-essentials
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide