[AusNOG] Cisco ASA 5505 licensing?

Wed Jan 30 14:59:23 EST 2013

There are various models of the 5505. The 5505-SEC-BUN-K9 supports unlimited inside hosts and 250 VPN sessions IIRC.

You can upgrade any of the 5505's to different tiers including unlimited. So if you pick up a cheap 5505 off Ebay and want to upgrade it to unlimited hosts, you can.

By default, all models of the 5505 only supports 2 SSL VPN (Anyconnect) clients - if you want more you have to buy more Anyconnect licenses. Also if you have an iOS or Android device and want to use AnyConnect Mobile - that is also another separate license.

Greg

From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Glenn Powell
Sent: Wednesday, 30 January 2013 10:56 AM
To: Pinkerton, Eric
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Cisco ASA 5505 licensing?

Having been burnt myself, don't forget the 5505 is the only box that enforces a limit of 50 internal devices. So a company of 20 people will easily exhaust that when everyone has a PC, iPad, iPhone etc.

Definitely look at the 5510 if the budget allows.

Cheers,
Glenn.

On 30 January 2013 13:52, Pinkerton, Eric <Eric.Pinkerton at baesystemsdetica.com<mailto:Eric.Pinkerton at baesystemsdetica.com>> wrote:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80402e39.html

My understanding is that you can configure 25 P2P VPN's,
and up to 25 concurrent client VPN connected although you only get 2 out of the box, and have to buy additional licences for the rest.

From: ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>] On Behalf Of Joseph Goldman
Sent: Wednesday, 30 January 2013 1:37 PM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Cisco ASA 5505 licensing?

Never had to spec this out myself, but a quick read of the models table here:

http://www.cisco.com/en/US/products/ps6120/prod_models_home.html

Suggests that you can have a maximum of 10/25 Site-to-Site and IPsec (IKEv1 Client) VPN User Sessions
Then a maximum of 25 AnyConnect or Clientless VPN User Sessions.

This reads to me as 25 of each definition (being 25 of a mix of S2S and IPSEC, then another 25 of a mix of AnyConnect/Clientless), and being that it states sessions, would be current connected sessions and not named users.

Of course it is open to different interpretations but that is how I would read it.

On 30/01/13 1:23 PM, Skeeve Stevens wrote:
Hey all,

I have a customer wanting to spec out a Cisco ASA5505... the baby version.

Everything is good except the VPN licensing.

On this page:  http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

It says that the 5505 is 25 VPN users for a few different types.

What it doesn't say is whether it is:
- 25 users max across all vpn types
- whether it is PER vpn type or 25 across all types
- whether the VPN is concurrent or named users
- whether the number is a MAXIMUM or what it comes with

The last one being the most important.

Essentially I have a customer with a size needing about a dozen VPN users.. concurrently... but the above link is very vague.

This link: http://packetpushers.net/cisco-asa-licensing-explained/ has some good information, but the Cisco link doesn't say anything about 10/25.  It has more information about VPN licensing, it says the 5505 starts with 10, but the Cisco page doesn't seem to say that.  I'd like confirmation before I tell the customer what to buy.

I am assuming some Ausnog people have had to do this sort of thing. Thanks in advance.

...Skeeve

Skeeve Stevens, CEO - eintellego Pty Ltd
skeeve at eintellego.net<mailto:skeeve at eintellego.net> ; www.eintellego.net<http://www.eintellego.net/>

Phone: 1300 753 383<tel:1300%20753%20383>; Cell +61 (0)414 753 383<tel:%2B61%20%280%29414%20753%20383> ; skype://skeeve

facebook.com/eintellego<http://facebook.com/eintellego> ; linkedin.com/in/skeeve<http://linkedin.com/in/skeeve>

twitter.com/networkceoau<http://twitter.com/networkceoau> ; blog: www.network-ceo.net<http://www.network-ceo.net/>

[Image removed by sender.]
The Experts Who The Experts Call
Juniper - Cisco - IBM - Brocade - Cloud
-----
Check out our Juniper promotion website!  eintellego.mx<http://eintellego.mx/>

_______________________________________________

AusNOG mailing list

AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>

http://lists.ausnog.net/mailman/listinfo/ausnog

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog

This email, including any attachment(s), is for the intended recipient(s) only. The substance 
of this email is confidential and may contain information that is the subject of legal professional 
privilege and/or copyright, or is otherwise immune, exempt or prohibited from disclosure by law. 
If you are not the intended recipient(s), you must not disclose, copy, use, circulate or otherwise 
rely upon the information contained in this email. If you have received this email in error, please 
notify us immediately by return email and delete this email. Capricorn Society Limited disclaims any 
responsibility or liability whatsoever in connection with computer viruses, data corruption, delay, 
interruption, unauthorised access, unauthorised amendments to emails (including any attachment(s)) 
or any other inherent risk of using email or to any person other than the intended recipient(s) who 
uses or relies on this email without the prior written consent of Capricorn Society Limited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130130/ac47531a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 823 bytes
Desc: image001.jpg
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130130/ac47531a/attachment.jpg>