Guidelines And Limitations - Cisco ASA 5505 Configuration Manual
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Chapter 4
Managing Feature Licenses
A.
Q.
A.
Q.
A.
Q.
A.
Q.
A.
Guidelines and Limitations
See the following guidelines for activation keys.
Context Mode Guidelines
•
•
Firewall Mode Guidelines
All license types are available in both routed and transparent mode.
Failover Guidelines
•
•
OL-20339-01
Yes. For identical licenses, the time limit is combined when you install multiple time-based licenses.
For non-identical licenses (for example, a 1000-session SSL VPN license and a 2500-session
license), the adaptive security appliance automatically activates the next time-based license it finds
for the feature.
Can I install a new permanent license while maintaining an active time-based license?
Yes. Activating a permanent license does not affect time-based licenses.
For failover, can I use a shared licensing server as the primary unit, and the shared licensing backup
server as the secondary unit?
No. The secondary unit has the same running license as the primary unit; in the case of the shared
licensing server, they require a server license. The backup server requires a participant license. The
backup server can be in a separate failover pair of two backup servers.
Do I need to buy the same licenses for the secondary unit in a failover pair?
No. Typically, you buy a license only for the primary unit; the secondary unit inherits the primary
license when it becomes active. In the case where you also have a separate license on the secondary
unit, the licenses are combined into a running failover cluster license.
Can I use a time-based or permanent SSL VPN license in addition to a shared SSL VPN license?
Yes. The shared license is used only after the sessions from the locally installed license (time-based
or permanent) are used up. Note: On the shared licensing server, the permanent SSL VPN license is
not used; you can however use a time-based license at the same time as the shared licensing server
license. In this case, the time-based license sessions are available for local SSL VPN sessions only;
they cannot be added to the shared licensing pool for use by participants.
In multiple context mode, apply the activation key in the system execution space.
Shared licenses are not supported in multiple context mode.
Shared licenses are not supported in Active/Active mode. See the
section on page 4-17
for more information.
Failover units do not require the same license on each unit.
Older versions of adaptive security appliance software required that the licenses match on each unit.
Starting with Version 8.3(1), you no longer need to install identical licenses. Typically, you buy a
license only for the primary unit; for Active/Standby failover, the secondary unit inherits the primary
license when it becomes active. If you have licenses on both units, they combine into a single
running failover cluster license.
"Failover and Shared Licenses"
Cisco ASA 5500 Series Configuration Guide using ASDM
Guidelines and Limitations
4-21
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
