Hello Swap, "Does User Apex

swapnendum · ‎09-10-2015

Hi Guys,

Wanted to understand what licensing is required in ASR 1001-X to use FlexVPN EZVPN feature ?

Do we need User Apex Subscription ?

Does User Apex Subscription automatically entitle us to use Anyconnect client ?

If User Apex Subscription is purchased on subscription model (e.g. 5 years), what happens after 5 years ? Can user still connect , or is it a hard limit?

If we use Windows 7 native client to connected to FlexVPN server on ASR, do we still require a license on ASR ?

With FelxVPN on ASR, does Windows 7 Client have an option to use Group Username/Password or is it only for certificate based authentication ?

Is there any licensing for Mobile users ?

I couldn't get any clear answer from either Cisco representatives or Gold Partner !

regards,

Swap

olpeleri · ‎09-23-2015

Hello Swap,

"Does User Apex Subscription automatically entitle us to use Anyconnect client ?"

User Apex subscription is about the client itself [ Anyconnect 4.x].

"If User Apex Subscription is purchased on subscription model (e.g. 5 years), what happens after 5 years ? Can user still connect , or is it a hard limit?"

OP> Yes you can still connect but you are not entitled to use the software anymore until you refresh your license.

"If we use Windows 7 native client to connected to FlexVPN server on ASR, do we still require a license on ASR ?"

OP> As long you have at least the securityk9 license, there is nothing else you need.

"With FelxVPN on ASR, does Windows 7 Client have an option to use Group Username/Password or is it only for certificate based authentication ?"
OP> 2 possibilities - RSA-SIG on both or a CERT on the router + EAP on the client [ per RFC5996 requirement]. EAP need to be terminated on a radius or if you run latest greatest you can use AGGR-EAP with local user database.

"is there any licensing for Mobile users ?"

OP> only on ASA as far as I know.

FlexVPN Licensing , Remote Access EZVPN client ?