Showing results for 
Search instead for 
Did you mean: 

clientless ssl vpn configuration is not effective

jack lee
Level 1
Level 1
Hi all, I met the following questions:the clientless ssl vpn configuration is not effective. I can't find out where the problem is.Please help point out what is missing? The attachment is the configration.
5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

You have:


 enable outside


Clientless SSL VPN requires AnyConnect Premium licenses (now known as Apex).

Licensed features for this platform: Maximum Physical Interfaces : Unlimited perpetual Maximum VLANs : 100 perpetual Inside Hosts : Unlimited perpetual Failover : Active/Active perpetual Encryption-DES : Enabled perpetual Encryption-3DES-AES : Enabled perpetual Security Contexts : 2 perpetual GTP/GPRS : Disabled perpetual AnyConnect Premium Peers : 2 perpetual AnyConnect Essentials : 250 perpetual Other VPN Peers : 250 perpetual Total VPN Peers : 250 perpetual Shared License : Disabled perpetual AnyConnect for Mobile : Enabled perpetual AnyConnect for Cisco VPN Phone : Disabled perpetual Advanced Endpoint Assessment : Disabled perpetual Total UC Proxy Sessions : 2 perpetual Botnet Traffic Filter : Disabled perpetual IPS Module : Disabled perpetual Cluster : Enabled perpetual Cluster Members : 2 perpetual

IS this?AnyConnect Premium Peers : 2 perpetual

thank you! I get it! AnyConnect Premium license: Base License: 2 sessions. Optional permanent or time-based licenses: 10, 25, 50, 100, or 250 sessions. Optional Shared licenses 3 : Participant or Server. For the Server license, 500-50,000 in increments of 500 and 50,000-545,000 in increments of 1000.

The "2 perpetual" licenses you have are included with all ASAs. They are there for either admin-only VPN (where you don't really use VPN for your users) or "try before you buy" so you can see how they work before making a larger purchase.


Since you have 250 Anyconnect Essentials licenses for your users activated, you cannot also use the Premium licenses at the same time.


As I mentioned, Premium is now (since AnyConnect 4.0) known as Apex. You'd have to buy and activate those licenses in order to use clientless SSL VPN.