cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1012
Views
0
Helpful
6
Replies

What licence for AnyConnect client connections

holgerewald
Level 1
Level 1

Hey there, 

we bought a Cisco ASA 5505 SEC-BUN-K9 assuming that the included licence would support AnyConnect Clients to connect to the appliance.

Now that I installed everything and try to connect the client side says:”The secure gateway has rejected the agents VPN connect…a.s.o”.(see attached screenshot for reference) I investigated and found out that the right licence need to be installed on the ASA. 

Do we need to purchase another licence to get this running or just a siple adjustment? There was no licencing paper or anything sent with the parcel.

Thanks upfront...

 

2 Accepted Solutions

Accepted Solutions

Rudy Sanjoko
Level 4
Level 4

The error message is saying "no address available for SVC connection". Have you specify the DHCP scope for AC clients? That PID by default should comes with 2 SSL user license, so you at least will be able to connect 2 clients.

View solution in original post

Marvin Rhoads
Hall of Fame
Hall of Fame


I agree with Rudy.

All new base model ASAs include at a minimum the 2 AnyConnect Premium licenses. Those can be used to try out the advanced features (clientless SSL VPN etc.) that Premium offers.

Once you decide what you want, you normally purchase either AnyConnect Essentials (one license for maximum number of users supported by the hardware model) or AnyConnect Premium license packs (sold in tiers - 50 users, 100 users, etc.).

If you need Mobile client (iOS, Android) support you also need to purchase AnyConnect for Mobile (one license for the platform).

View solution in original post

6 Replies 6

Rudy Sanjoko
Level 4
Level 4

The error message is saying "no address available for SVC connection". Have you specify the DHCP scope for AC clients? That PID by default should comes with 2 SSL user license, so you at least will be able to connect 2 clients.

Marvin Rhoads
Hall of Fame
Hall of Fame


I agree with Rudy.

All new base model ASAs include at a minimum the 2 AnyConnect Premium licenses. Those can be used to try out the advanced features (clientless SSL VPN etc.) that Premium offers.

Once you decide what you want, you normally purchase either AnyConnect Essentials (one license for maximum number of users supported by the hardware model) or AnyConnect Premium license packs (sold in tiers - 50 users, 100 users, etc.).

If you need Mobile client (iOS, Android) support you also need to purchase AnyConnect for Mobile (one license for the platform).

Thanks for your help. I already specifyed the DHCP scope but also needed to set the assignment policy to to use DHCP... Can connect to the ASA via AnyConnect Client now.

The 2 SSL user licence means the ASA allowes 2 simultanious connections regardless fron which client right?

Great to hear that. SSL user license means that it's only applied to your clients that are using SSL protocol to connect. If you still have the old Cisco VPN client which uses IPSEC then it will not consume any SSL license. 

If you need more user license then as Marvin have explained, you can get either AC Essential or Premium depending on your requirement.

I see, maybe my question was a bit missleading ;-) I mean if computer 1 and 2 are connected to the ASA via AnyConnect SSL and I want to connect computer 3 now... I first need to disconnect one of the others.. Or is the licence and the allowed connection in a way bind to computer 1 and 2 where I first installed the AnyConnect client?   

Yes, you will need to disconnect one first before able to connect with PC #3. You will see an error on the ASA if you try to connect with PC #3 while #1 and #2 are still connected.