Cisco Firewall :: ASA5505 - Can NAT May Be Used For More Than 10 Users With License

Apr 20, 2012

I have 10 user license for Cisco ASA, i have to use this ASA for client connectivity. Can i do NAT of more than 10 users with this license? What i understand is NO.

But as per Below explaination looks like, i can if i am not doing default routing? Actually i just need to add a specific Route towards client DMZ interface on my ASA, no default route, so can i use more than 10 concurrent sessions with this license?

View 5 Replies


ADVERTISEMENT

Cisco LAN :: Failed To Upgrade ASA5505 License From 10 To Unlimited Users

Sep 4, 2011

I´m trying to upgrade a Customer's ASA 5505 base license from 10 to 50 users (ASA5505-SW-10-50=). But the reseller sent a ASA5505-SW-50-UL= license instead. I tried to register that license and the following messaged appeared.
 
Wrong Sku(s) 'ASA5505-SW-50-UL=' for 'ASA5505-K8' : Device contains following licenses 'ASA5505-SW-10,ASA5500-ENCR-K9'
Serial Number = JMX1235Z0TZ

same platform type as the failed serial number. An upgrade request is not allowed. open a Service Request using the TAC Service Request Tool at [URL].As an alternative you may also call our main Technical Assistance Center at 800-553-2447.Sincerely,Cisco Systems Licensing.
 
I tried to contact TAC for assistance but It's not possible because that kind of service is outside the parameters of the service contracts associated with my cisco.com profile.

View 3 Replies View Related

Cisco Firewall :: ASA 5500 - Get Firewall License To 500 Users?

Jan 25, 2012

I purchased the license P/N: ASA-CSC20-250U-1Y with Description: ASA 5500 CSC-SSM-20 250-User License Only Renewal (1-year)
 
But I had a mistake because I need support to 500 users. Now, to solve my mistake I want to know Do I can purchase another ASA-CSC20-250U-1Y to provide the 500 users suppor?
 
I mean, ¿are two (2) ASA-CSC20-250U-1Y equivalent to the 500 user license listed below?P/N, ASA-CSC20-500U-1Y  with Description: ASA 5500 CSC-SSM-20 500-User License Only Renewal (1-year)

View 1 Replies View Related

Cisco Firewall :: Security Plus License For ASA5505

Jul 2, 2012

I have Cisco ASA5505 8.2(5) connected with Cisco 5520 8.2(1) via IPSEC tunnel, I was able to SSH from the inside 5520 to inside IP of the asa5505. but I after I upgrade the license to security plus at 5505 I lost the SSH and ASDM to inside IP of 5505 from the inside network of the 5520. however I still can use SSH and ASDM on outside IP of 5505.
 
I did a lot of testing to make it work but I couldn't I added SSH 0.0.0.0/0 inside and outside also I added acl on both interfaces. when I did a trace on the outside interface from the private network of 5520 to 5505 inside IP I got IPSEC spoofed by the way that trace only works with security plus because I try to test on all my other firewalls 8.2(5) it shows nothing and all my firewalls can accessed from the private network 5520 except the one with the security plus!

View 11 Replies View Related

Cisco Firewall :: ASA5505 Which License Is Needed

Jun 8, 2011

I have a spare ASA5505 w/Base License that we want to use as the router/firewall between our wi-fi network and our secondary internet connection. Currently we have a NetGear box as the router there and it is on its last legs.  In order for the ASA w/Base license to be able to issue over 150 IP address via DHCP which license do I need to purchase for it.

View 7 Replies View Related

Cisco Firewall :: ASA5505-SW-10-UL - How To Upgrade License

May 10, 2011

I want to confirm if the upgrade license (ASA5505-SW-10-UL=) is backward compactible with PIX 501 firewall device? though pix 501is end of life bit i want to verify if the upgrade license for asa5505 will work with it?

View 4 Replies View Related

Cisco Firewall :: Users Behind ASA5505 Firewall Are Unable To Access Internet

Feb 24, 2011

I have a normal setup of ASA5505 (without security license) connected behind an internet router. From the ASA5505 console I can ping the Internet. However, users behind the Firewall on the internal LAN, cannot ping the Internet even though NATing is configured. The users can ping the Inside interface of the Firewall so there is no internal reachability problem. In addition, I noticed that the NAT inside access list is not having any hit counts at all when users are trying to reach the internet.

When i replace the ASA5505 with a router with NAT overload configuration on it, the setup works normally and users are able to browse the internet.

The ASA5505 configuration is shown below.

hostname Firewall

interface Ethernet0/0
description Connected To Internet Router
switchport access vlan 10

[Code].....

View 2 Replies View Related

Cisco Firewall :: Recover SEC License After Flashing ASA5505

Aug 28, 2012

a client of ours bought an ASA5505-BUN-SEC-K9, and it was working fine, for some reason (beyond me) they flashed the memory and configuration in an attempt to fix smoe problems they were facing. Now they are faced with the dilema that the SEC license is no longer visible and usuable, so how can they recover this license knowing that they have bought the bbundle mentioned above?

View 1 Replies View Related

Cisco Firewall :: ASA5505 License Duration Not Found

Jun 12, 2013

i've checked in on one of our 5510's and also on a 5505 but i don't seem to find the license duration (i.e "perpetual).is this normal or just an IOS or platform specific? [code] Cisco Adaptive Security Appliance Software Version 8.2(5)

View 1 Replies View Related

Cisco Firewall :: 10-User License For ASA5505 Allows DHCP To Hand Out 32 IPs?

Dec 26, 2011

My cisco representative tells me that I am limited to 10 IP addresses for my 10 user license on an ASA 5505 even though the Cisco documentation specifically states that a 10 user license allows the maximum DHCP clients to 32 IP addresses.
 
I want to have 30 computers get IP addresses from the ASA, but don't need any but one or two to get outside the internal network.  Is this possible with a 10 USER license.

View 19 Replies View Related

Cisco Firewall :: 10-User License For ASA5505 Allows DHCP To Hand Out 32 IPs

Sep 27, 2011

My cisco representative tells me that I am limited to 10 IP addresses for my 10 user license on an ASA 5505 even though the Cisco documentation specifically states that a 10 user license allows the maximum DHCP clients to 32 IP addresses.
 
I want to have 30 computers get IP addresses from the ASA, but don't need any but one or two to get outside the internal network.  Is this possible with a 10 USER license.

View 1 Replies View Related

Cisco Firewall :: ASA5505 With Base License - Access From Dmz To Internal

Dec 18, 2011

we have a cisco ASA5505 with base license and 3 interface configured. Internal 192.168.1.1/24 DMZ 172.16.0.1/24 Outside 20.20.20.20/24 The DMZ is configured to allow the traffic pass to the outside interface only (base license allow only traffic to one interface) in order to let clients on this network to browse internet. On the outside interface there's a nat configuration that let the port 443 to be natted to an in internal server. Is it possible to let the clients in DMZ to access to the internal server on port 443 from the outside interface?

View 3 Replies View Related

Cisco Firewall :: ASA5505 - Possible To Add Rules To Users

Aug 2, 2011

How can I filter my local lan's URL requests?  Is it possible to have some sort of list like...
 
Default_User_Group
*.microsoft.com/*
*.mydomain.com
*.google.com
 
Then only allow certain ip's access to the entire internet like this...
 
Internet_User_Group

It would be nice to possibly be able to add the rules to users in my domain, then associate the domain account with an IP OR have them login to view webpages.

View 12 Replies View Related

Cisco Firewall :: ASA5505-BUN-K9 - Number Of Users

Jan 21, 2013

I say the answer is ten.  That means ten hosts can be behind the firewall and hit the internet.  The eleventh doesn't get to go out. I'm being told by a coworker that the "10" in the part number refers to the number of IPsec VPN peers.
 
Who's right?
 
I say if you want an unlimited number of users on the inside to be able to get to the internet, you need the ASA5505-SEC-BUN-K9
 
Mfg. Part: ASA5505-SEC-BUN-K9  
Mfg. Part: ASA5505-50-BUN-K9  
Mfg. Part: ASA5505-BUN-K9  
  
Cisco ASA 5505 10-User Bundle includes 8-port Fast Ethernet switch, 10 IPsec VPN peers, 2 Premium VPN peers, Triple Data Encryption Standard/Advanced Encryption Standard (3DES/AES) license ASA5505-BUN-K9

View 2 Replies View Related

Cisco Firewall :: ASA5505 VPN Users Can't Use IPV6

Aug 5, 2012

My VPN users are able to access IPV4 resources, but not IPV6, all of my other user who are not VPN users are able to access everything V4 and V6. So my network goes:
 
IPV4 flow = FIOS > ASA5505(IPV4 Router) > Switch > ipv4 Clients
IPV6 flow = FIOS > ASA5505(IPV4 Router) > switch > win2k8 (IPV6 Router / Tunnel) > ipv6 clients

View 1 Replies View Related

Cisco :: CSC-SSM-20 Renew License To Support 750 Users?

Jan 8, 2012

i have CSC-SSM-20  i want to renew the license to support 750 users for 3 years if i have base license only also if i have base and plus?

View 1 Replies View Related

Cisco VPN :: ASA5510 - License To Upgrade From 2 To 250 Users

May 21, 2013

i have bought the below licenses for the ASA5510 to upgrade from 2 to 250 users and yet i can give access to 2 users only.
 
L-ASA-AC-M-5510=
L-ASA-AC-E-5510=
 
Kindly find attached the "show version"

View 6 Replies View Related

Cisco Firewall :: Difference Of VPN Plus License And Security Plus License ASA 5520

Oct 16, 2012

What's the difference between VPN Plus license and Security Plus license. I have new 5520 shipped with VPN Plus license.Also does it require a seperate license for Anyconnect for Mobile and AnyConnect Essentials.

View 1 Replies View Related

Cisco VPN :: 3020 - License Required To Deploy VPN Solutions For Remote Users?

Apr 9, 2012

Currently we have a CISCO 3020 VPN Concentrator to terminate Lan-to-Lan tunnels and have our mobile workers connect via CISCO VPN client (300 users-employees and contractors-). Since this device is coming to an EOL this year  we purchased a CISCO 5520 (below are the current licenses on it)
 
The licensing seems rather complicated, therefore this is my question:
 
- What VPN solution do you recommend for our users and contractors? it is my understanding the CISCO VPN client does not work with ASA 5500 series devices
 
- Is there a license needed to deploy VPN solutions for our remote users(employees/contractors)?

View 3 Replies View Related

Cisco VPN :: ASA5505 Users Connect But Can't Access LAN Servers

Feb 16, 2012

I have a ASA5505 and setup SSL VPN. My users can connect to the VPN but can't get access to any of the internal servers.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: 2000 Base Concurrent Users Exceed License Allowable Count

Mar 25, 2013

Getting the following alarm from my ISE:Cause:Base License Enforcement Details: Base concurrent users exceed license allowable count.Currently only using 1656 out of 2000 base licenses so I'm not sure what the issue is. Running 1.1.2.145 patch 3.

View 1 Replies View Related

Cisco :: ASA5505 - AnyConnect VPN Users Lose Internet Access

May 16, 2012

I am able to successfully connect to my ASA5505 via AnyConnect via a mobile device. Upon doing so, I lose internet connectivity.  My access list appear to be correct to I'm sort of at a loss.

[code]....

View 6 Replies View Related

Cisco Firewall :: Is ASA 5510 Firewall Required Any Subscription Or License

Nov 15, 2012

I am quite new to firewall, in my company one asa 5510 firewall is there.I configured inside, outside, dns, dhcp and nating.I need to config bandwidth limit (1Mbps) for inside port and I restruct like facebook, youtube and pornsites..And I heard that some subscription is required, really is it required?

View 1 Replies View Related

Cisco Firewall :: ASA 5510 - Users Unable To Access Internet Through Firewall

Feb 26, 2013

I have some problem with the ASA 5510 ver 7.0(6). My manager wants to keep this as backup. tried lots of things but still users not able to access internet nor can i ping anywhere.For example when i ping 4.2.2.2 i dont get any reply.The runing config is below for ur ref :
 
HQ-ASA-01# show  running-config
: Saved
:

[Code]......

View 9 Replies View Related

Cisco Firewall :: ASA5505 Lose Configuration If Upgrade Firewall

May 17, 2011

i have asa 5505 with the asdm v5.2 (4), and the asa v7.2(4). This platform has a base license. if i upgrade adsm and asa on v6.2(1) and v8.2(2) if I lose my license and that you need to activate them? i configured site to site vpn (this firewall and the another) that i lose my configuration if i upgrade my firewall.

View 2 Replies View Related

Cisco Firewall :: ASA5505 Can't Ping New Firewall On Inside Interface

Jul 14, 2011

I've recently upgraded my old firewall from a PIX to an ASA5505 and have been trying to match up the configuration settings to no avail. I have is that I can't ping the new firewall on it's inside interface, despite having "icmp permit any inside" in the running config. Secondly, the server I have on there ("Sar") can't connect out to the internet.I've included the ASA's running config incase anybody can see if something stands out. I have a feeling it's either not letting anything onto the inside interface, or there is no nat going on. Lastly (and possibly relevant), the firewall is actually going at the end of a vlan, which is different to the firewall's inside vlan number. I don't know if this is actually the problem because the server can't connect out even if connected directly into the firewall.

View 32 Replies View Related

Cisco Firewall :: Unable To Ping Internet IPs From ASA5505 Firewall

Jan 9, 2013

Internet ISP -> Juniper SRX 210 Ge-0/0/0
Juniper fe0/0/2  -> Cisco ASA 5505
Cisco ASA 5505 - >Inernal LAN switch.
 
1.  Internet  is connected to Juniper Ge0/0/0  via /30 IP.
 
2. Juniper fe0/0/2 port is configured as inet port and configured the Internal public LAN pool provided by the ISP. And this port is directly connected to  Cisco ASA 5505 E0/0. Its a /28 pool IP address. This interface is configured as outside and security level set to 0.

From Juniper SRX, am able to ping public Internet IPs (8.8.8.8).
 
Issue:

1. From ASA am unable to ping public ip configured on Juniper G0/0/0 port.(/30)
2. From ASA no other Public internet IP is pinging.
 
Troubleshooting Done so far.
 
1, Configured icmp inspection on ASA.
2. Used the packet tracer in ASA, it shows the packet is flowing outside without a drop.
3.  Allowed all services in untrust zone in bound traffic in Juniper SRX.
4. Viewed the logs when I was trying the ping 8.8.8.8 in ASA. It says "Tear down ICMP connection for faddrr **** gaddr **

View 2 Replies View Related

Cisco Firewall :: ASA5505 Firewall Rule Not Blocking

Apr 1, 2013

I'm trying to troubleshoot an ASA5505.
 
The original goal was to block "Mumble/Murmur" (a voip app) traffic, which runs on TCP/UDP 64738, both inbound and outbound, except to a certain host (63.223.117.170).
 
However, when nothing I tried seemed to make a difference, just to troubleshoot, I decided to try blocking all inbound traffic.  I first disconnected ethernet port 0/0 to ensure that it was cabled correctly and the outside interface went down when I did.  That worked as expected, so I confirmed I had the right interface and it was cabled correctly.
 
I then applied a "any any deny ip" rule as the first element in the outside interface access_list, as you can see below.  However, it appears to have had no real effect and the hit count is very low (it should be astronomical).
  
show ver 
Cisco Adaptive Security Appliance Software Version 9.0(2)
Device Manager Version 7.1(2) 
Compiled on Thu 21-Feb-13 13:10 by builders
System image file is "disk0:/asa902-k8.bin"

[Code].....

View 4 Replies View Related

Cisco :: Installation PI1.2 Basic License With LMS4.0 License For 100 Devices

Apr 3, 2013

I’m stuck in some problem with installation of LMS4.0 in customer site.
 
- we purchase a LMS4.0(CWLMS-4.0-100-K9) but couldn’t install it on Windows server 2008 R2 64bit because those things don’t support each other.
- I need to upgrade the LMS4.0 to LMS4.2 that is supporting Windows server 2008 R2 64bit.
- So, I ordered following items via product update tool (url...) [code]
 
- In this status, how to install LMS4.2 with license for 100 devices? If I install R-PI12-BASE-K9 first, can i enter a licese for 100 devices for CWLMS-4.0-100-K9 into PI1.2?

View 3 Replies View Related

Cisco Firewall :: Getting CSC-SSM-20 Renewal License?

Jan 10, 2012

i have CSC-SSM-20  i want to renew the license to support 750 users for 3 years if i have base license only and if i have base and plus as bundle?i want to know the steps and also the part numbers and what is the difference between these two part numbers
 
ASA-CSC20-750UP-1YASA 5500   CSC-SSM-20 750-User w/ Plus Lic. Renewal (1-year)
  ASA-CSC20-750P-1YASA 5500   CSC-SSM-20 750-User Plus Lic. Only Renewal (1-yr) 

View 2 Replies View Related

Cisco Firewall :: Can Buy Plus License For ASA 5520

Jan 11, 2012

Can i buy a plus license for asa 5520??

View 2 Replies View Related

Cisco Firewall :: See License For The SSM-10 Card?

Mar 25, 2013

My customer is asking to see the license for the SSM-10 card how do i access the card to show this information. the Firewall unit has a base licence installed.

View 2 Replies View Related

Cisco Firewall :: ASA 5505 - 3 DES License

May 20, 2013

I'm new to ASA and bought a used one from ebay but I cannot connect to the ASDM - I get an error in all the browsers.
 
Cannot communicate securely with peer: no common encryption algorithm(s).
 
(Error code: ssl_error_no_cypher_overlap)
 
Having browsed the support forums and Google - it seems I need the 3DES license. I have obtained an activation key from Cisco and applied it to my ASA 5505 however I get a warning about the device is licensed for a higher software level. the license on the ASA is Security plus. When I apply the activation key from Cisco most of the features are disabled.

[Code] ......

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved