ASA 5505 License
I'm trying to figure out ASA licensing for a client. When they say 10 total VPN peers, that's not simultanous VPN peers, right? That's total VPN accounts it knows about?
I always thought 10 referred to the number of inside hosts, but this says unlimited inside hosts, yet says the Base license at the bottom. Can someone explain this to me?
Thanks...
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 2
Total VPN Peers : 10
Dual ISPs : Disabled
VLAN Trunk Ports : 0
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
This platform has a Base license.
I always thought 10 referred to the number of inside hosts, but this says unlimited inside hosts, yet says the Base license at the bottom. Can someone explain this to me?
Thanks...
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 2
Total VPN Peers : 10
Dual ISPs : Disabled
VLAN Trunk Ports : 0
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
This platform has a Base license.
Comments
-
tiersten
Member Posts: 4,505
Its concurrent VPN users.I'm trying to figure out ASA licensing for a client. When they say 10 total VPN peers, that's not simultanous VPN peers, right? That's total VPN accounts it knows about?
The users are your inside hosts.I always thought 10 referred to the number of inside hosts, but this says unlimited inside hosts, yet says the Base license at the bottom. Can someone explain this to me?
The base license comes with 10 IPsec VPN users and if you want more then you have to get the Security Plus license which gives you 15 more IPsec VPN users. If that isn't enough then you need a higher model ASA.
The licensing is split into several parts.
Users = Inside hosts so 10, 50 or unlimited. Unlimited is built into Security Plus.
SSL VPN users = 2 is built into every ASA as a admin/demo type thing. If you want more then you pay for extra SSL VPN licenses.
Security Plus = Unlimited inside users and 15 more IPsec VPN users and more connections through the firewall along with the added trunking and failover features. -
Netwurk
Member Posts: 1,155 ■■■■■□□□□□
What about the FO (Failover Only) models? Can you use one as a standalone (but maybe have a licensing issue)? -
tiersten
Member Posts: 4,505
There isn't a failover only ASA.What about the FO (Failover Only) models? Can you use one as a standalone (but maybe have a licensing issue)?
If you've got a FO-AA license for a PIX then it will work standalone but it will reboot every 24 hours as you're not supposed to do this :P If it is actually in a failover pair then it won't do the rebooting even if the main unit has gone down. -
BroadcastStorm
Member Posts: 496
Connecting to different network segment behind asa have to be done via routing with this limited license, I wish Cisco didn't had to nickle and dime this awesome features, going to check the demo license...