If a VPN license is activated on an ASA, it will overwrite any existing VPN license. Be careful! HA Pair License Dynamics. Prior to ASA software v8.3, licenses had to be identical on a HA pair. A 5510 with SSL VPN enabled wouldn’t pair with a 5510 lacking SSL VPN. As of v8.3, most licenses are replicated on a HA pair.
Dec 28, 2016 · Total VPN Peers: This quantity defines the maximum number of any concurrent VPN sessions that can terminate on a given Cisco ASA platform. This licensed capacity is equal to the count of Other VPN Peers on all models with the exception of the Cisco ASA 5505, where it depends on the Security Plus and AnyConnect Essentials licenses. "Total VPN Peers : 250" mean I can use 2 Anyconnect premium + 248 IPSEC session or 250 IPSEC session in same time ? "AnyConnect for Mobile : Disabled" mean I can't use AnyConnect Secure Mobility Client (smartphone apps) connect to ASA by AnyConnect SSL ? Find answers to Cisco ASA5505 - SSL VPN Peers vs Total VPN Peers license from the expert community at Experts Exchange Other VPN Peers / Total VPN Peers. Included with base license. It is used for site to site IPSec tunnels using IKEv1 or IKEv2. It is also used when using remote access VPN (Legacy Cisco VPN Client) using IKEv1. IPSec remote access IKEv2 requires AnyConnect Essentials or AnyConnect Premium. AnyConnect This platform has an ASA 5520 VPN Plus license. You'll notice that in the output I have only two SSL VPN Peers. This is because Cisco makes you license the SSL VPN peers. AnyConnect Premium Peers : 10 perpetual AnyConnect Essentials : Disabled perpetual Other VPN Peers : 250 perpetual Total VPN Peers : 250 perpetual Then your ASA can have 10 Anyconnect or webvpn users at once.
%ASA-3-713123: Group = 50.x.x.x, IP = 50.x.x.x, IKE lost contact with remote peer, deleting connection (keepalive type: DPD) These are statically defined tunnels, and usually they come back within a few seconds. These have no secondary peers.
Apr 18, 2013 · More Cisco ASA Topics: How to Connect to Cisco ASA? Cisco ASA 5520 Basic Configuration Guide. Configuring Static NAT on a Cisco ASA Security Appliance. Site-to-Site IPSEC VPN between Two Cisco ASA 5520. How to Configure Dual ISP on Cisco ASA 5505? Example Show: How to Configure a Cisco ASA 5540 for Video Conferencing for Polycom Device? ASA Performance and Capabilities on Firepower Appliances Stateful inspection firewall throughput 20 Gbps Stateful inspection firewall throughput (multiprotocol) 10 Gbps Concurrent firewall connections 3 million New connections per second 75000 IPsec VPN throughput (450B UDP L2L test) 2 Gbps IPsec/Cisco AnyConnect/Apex site-to-site VPN peers 10000 Consider a failover pair of Cisco ASA 5525-X appliances where both the primary and secondary units have the active AnyConnect Premium Peers licenses for 500 sessions each. After aggregating these capacities, each device in this failover pair allows up to 750 sessions for this feature.
ASA Performance and Capabilities on Firepower Appliances Stateful inspection firewall throughput 20 Gbps Stateful inspection firewall throughput (multiprotocol) 10 Gbps Concurrent firewall connections 3 million New connections per second 75000 IPsec VPN throughput (450B UDP L2L test) 2 Gbps IPsec/Cisco AnyConnect/Apex site-to-site VPN peers 10000
Concurrent VPN peers = total combination of active users and site-site. ASA does not support PPTP VPN. Cisco IPSEC VPN client is free and there are other optional (non-free) VPN clients that you can use. If you go with SSL VPN model, you can deploy the VPN client to end users via web, or use a clientless VPN connection through a web browser.