
ASA SSL connections - Client to use and options I have??

gp1200x
Level 2

We have a large site and have only allowed the use of IPSEC for all our branch to branch and user tunnels. We tried SSL years ago but it had limitations so we stopped deployment. We now need to start implementing user SSL VPNs and I have some basic ASA questions.

I have an unused ASA 5510 for testing that currently has code 8.3.2 on it, Security plus license, 100 SSL VPN Peers and 250 total VPN peers, 100 max vlans, 2 sec. contexts, active/active, 2 UC phone proxies and everything else is disabled. We do not intend on using a web based SSL connection anywhere (AnyConnect Essentials?) and will only use the full SSL VPN client which will be hand loaded on machines or downloaded from the ASA and loaded on the machine if possible. What I want to know is what version of current code can I install on my ASA without losing my existing 100 SSL VPN peers license and what AnyConnect clients would be supported? I saw mention of AnyConnect Premium but do not know its relationship. If I upgrade the ASA to newer releases or code versions does my SSL VPN peer license turn into an AnyConnect Premium license?

Any help to get started in the right direction would be appreciated. I know I can spend days trying to figure out Cisco licensing and pitfalls and still get burned in the end with the wrong license or feature. I basically want to know what I need to install full SSL VPN end user clients and what I should do with the ASA to provide this functionality with the current license / feature set it has. I also want to know what end user code should be used since it looks like AnyConnect Secure Mobile is the one even if I do not use all its security functions. Example - I may not be able to check for firewalls/malware programs etc but we currently have a policy in place that does not allow Internet browsing or access when end users have VPN tunnel connections to our site. That restriction will still be maintained if it is possible with the SSL VPN connection too.

Thanks,

Paul

Accepted Solutions

Marvin Rhoads
Hall of Fame

The client-based SSL VPN license will stay active on your box across upgrades to later ASA software. AnyConnect Essentials (which you already have) will work with the SSL VPN license feature.

You would upgrade to AnyConnect Premium only if you wished to add features such as clientless (purely browser-based) SSL VPN or other features such as Advanced Endpoint Assessment (AEA). AnyConnect Premium cannot coexist with AnyConnect Essentials on the same ASA, so you cannot mix and match Premium and Essentials licenses.

Either the Essential or Premium distinction is primarily oriented to the ASA installation. The same AnyConnect Secure Mobility client software (version 3.1 is the latest for Windows and OS X and is quite a nice new release) is used in either case. Additional client functional plug-ins are things like AEA and the 802.1x NAC. Your ASA-based group policies such as no split tunneling etc. remain in effect.

If you intend to allow mobile device clients (iPhone, iPad, and Android (very limited support for the latter BTW)) to access your VPN, you will need to add the AnyConnect mobile license on the ASA and install the client from the respective app store. Note that Windows Phone and Blackberry are not supported as AnyConnect clients.


gp1200x
Level 2

Thanks,

I think you supplied the info I was looking for. I intend on using a different vendor product or even possibly another ASA for Androids, web phones, iPads etc.