Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1356
Views
0
Helpful
5
Replies

VPN License Issue

palash0072000
Level 1
Level 1

‎04-17-2017 11:56 PM

Dear All,

One of our customer have ASA-5515-x with fire power service. Can you please tell me do we need additional license for IPsec site-to-site and Cisco AnyConnect Plus/Apex vpn.

Thanking,

Palash

Labels:
0 Helpful
5 Replies 5

Karsten Iwen
VIP
VIP

‎04-18-2017 02:30 AM

You don't need any additional licenses for Site-to-Site VPNs. That's included in the base feature set of the ASA. You just want to make sure that you have the strong-encryption-license:

asa# sh version | i 3DES
Encryption-3DES-AES : Enabled perpetual

For AnyConnect you need additional licenses:
http://www.cisco.com/c/dam/en/us/products/collateral/security/anyconnect-og.pdf

0 Helpful

palash0072000
Level 1
Level 1
In response to Karsten Iwen

‎04-24-2017 12:06 AM

Hello Karsten/All:

Is there any command/option by which i can be able to identify what license is installed for additional services like AnyConnect?

When i am checking show version command output, I am getting below information related to AnyConnect 

AnyConnect Premium Peers          : 250            perpetual

This platform has an ASA 5515 Security Plus license.

But so far my understanding is that here 250 means the ASA-5515-X has capacity to handle 250 concurrent AnyConnnect session and dose not reflect license entitled or not.

It will be very helpful for me if you can help me clear my doubt. 

Thanking,

Palash

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to palash0072000

‎04-24-2017 08:47 AM

Palash

With the older licenses for AnyConnect (the Essentials license and the Premium license) it was easier to know if a license was applied and which license it was. It is not as easy with the new licenses Plus and Apex but if your output shows that you have perpetual support for 250 Premium peers then I believe that it reflects an installed license.

HTH

Rick 

HTH

Rick
0 Helpful

palash0072000
Level 1
Level 1
In response to Richard Burts

‎04-24-2017 09:50 PM

Hi Ricard and All,

Can you please tell me what is the difference between any-connect plus and apex?

And also can you please clear me in below two cases

1. Do they both support client less remote access vpn?

2. Do i need to use any-connect client software for plus license and in apex i can use third party software?

Thanking,

Palash

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to palash0072000

‎04-25-2017 04:29 AM

Palash,

Cisco has a very comprehensive FAQ on AnyConnect. It answers most questions:

http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200191-AnyConnect-Licensing-Frequently-Asked-Qu.html

In short, answering your two latest questions:

1. Clientless requires Apex licenses.

2. SSL (or IKEv2 IPsec) VPN (i.e., client-based) requires the AnyConnect client.

0 Helpful
Customers Also Viewed These Support Documents