[c-nsp] Cisco ASA VPN Active/Standby - license requirements
Tony Varriale
tvarriale at comcast.net
Fri Sep 19 07:40:47 EDT 2008
Garry is correct. Both boxes must be the same, including licenses.
Unfortunately, it doesn't work like the ol' days.
I brought this up (amongst other items) to the ASA PM recently.
tv
----- Original Message -----
From: "Garry" <gkg at gmx.de>
To: "Petreski, Samuel" <samuel-petreski at uiowa.edu>
Cc: <cisco-nsp at puck.nether.net>
Sent: Friday, September 19, 2008 12:52 AM
Subject: Re: [c-nsp] Cisco ASA VPN Active/Standby - license requirements
> Petreski, Samuel wrote:
>> Hi everyone,
>>
>> I was wondering if any of you are running Cisco ASA 5500 in a VPN
>> failover
>> mode and if you would be willing to share the license requirements. I am
>> thinking of running two boxes in Active/Standby mode and was wondering if
>> I
>> need to purchase the same number of SSLVPN licenses for both boxes or
>> only
>> for one.
>>
> My understanding is that apart from the Security Plus license (which is
> required for smaller ASAs at least), both boxes need to be identically,
> which would include the user/ip limits, SSLVPN licenses, etc ...so in
> contrast to "old times", where you'd have a cheaper second box PIX, you
> now basically have twice the price in order to have HA ... makes sense
> especially for Active/Active standby, as it's more or less load
> balancing, too ...as for Active/Passive, which most of our customers
> would require, I personally would have liked to see an "old option" with
> lower additional cost ...
>
> -garry
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list