Cisco Firewall :: Pix 501 Licensing With Asa5510

Dec 5, 2012

I bought a Cisco ASA 5510 (P/N: ASA5510-BUN-K9) and i would like to know if i have to buy some license,What i mean is, for the basics, it still being necessary aquire some license?

View 3 Replies


ADVERTISEMENT

Cisco VPN :: ASA5510 - Possible To Transfer Licensing?

Mar 18, 2013

I currently have an ASA 5510, and a ASA 5505 both configured with VPN and TLS licensing.I would like to migrate to a pair of ASA 5525-X, would it be possible to transfer the licensing or would I need to re-purchase?

View 4 Replies View Related

Cisco Firewall :: ASA 5500X - Next Generation Firewall - Cluster Licensing

Apr 26, 2013

I'm working on a BoM for a customer and i need to offer an ASA5525-X pair in HA with AVC and WSE subscritption, I've two question:
 
1) In order to use AVC and WSE I need the ASA bundle that includes the SSD HD right? (ASA5525-SSD120-K9)

2) In order to have both ASA's in HA, do i need to order two Suscriptions (ASA5525-AW3Y-PR) or only one that is "shared" in the cluster?

View 1 Replies View Related

Cisco Firewall :: ASA 5510 Licensing With HA And SSL

Jan 9, 2013

we have a customer with 2 x ASA5510-SEC-BUN-K9 running in an active/active HA mode. On the primary ASA he has 25 SSL premium licenses, but on the secondary ASA he has only 10 SSL licenses. Is there a need that both ASA´s has the same kind of licenses?

View 5 Replies View Related

Cisco Firewall :: ASA 5585-X Licensing

May 6, 2012

I have registered the license purchased for the ASA 5585X appliances and have received the following listed as features.
 
> Failover : Enabled > Encryption-DES : Enabled > Encryption-3DES-AES : Enabled > Security Contexts : 20 > GTP/GPRS : Disabled > AnyConnect Premium Peers : Default > Other VPN Peers : Default > Advanced Endpoint Assessment : Disabled > AnyConnect for Mobile : Disabled > AnyConnect for Cisco VPN Phone : Disabled > Shared License : Disabled > UC Phone Proxy Sessions : Default > Total UC Proxy Sessions : Default > AnyConnect Essentials : Disabled > Botnet Traffic Filter : Disabled > Intercompany Media Engine : Disabled > 10GE I/O Plus : Disabled(code)

View 4 Replies View Related

Cisco Firewall :: Information About ASA 5505 Licensing?

Jan 3, 2013

I am in need of some information regarding licesnes on the ASA 5505.I have a client who is connecting their main office to a DR site via a site-to-site VPN. I understand that the standard license for the ASA 5505 is for 10 clients.Does the site-to-site connection consume one of these licenses?Does each endpoint communicating over the site-to-site VPN consume one license also?For example, if I have the site-to-site VPN and 10 servers on each side, would that mean that I need 21 licenses; 1 for the VPN and 20 for each server on each side?

View 4 Replies View Related

Cisco Firewall :: 5510 ASA Failover Licensing?

Feb 28, 2011

I have a customer who has purchased a Cisco 5510 and after we received it and all the necessary VPN, 3DES etc. licensing for it, then informed us that they order 2 T1 lines so they can have Internet failover.
 
My question is: Does this require an additional specialized license from Cisco in order to enable and configure it?  And if so, what that part number is?

View 2 Replies View Related

Cisco Firewall :: 5505 Licensing And VLANs

Oct 2, 2012

so I look up ASA5505 licensing and for VLAN support see: 3 (no trunking support)/20 (with trunking support)*
 
I need 3 VLANs...inside, outside, and DMZ..but when it is creating the third (DMZ) it says I am only allowed to have 2 VLANs and can only create the third if its set to not forward traffic. ?

View 1 Replies View Related

Cisco Firewall :: BOM Product Licensing Of 5500 ASA

Aug 27, 2011

I am pretty new to cisco and the learning community forums is truely one of a  kind.Actually, I work on a company which deals the Cisco products, Routers/Firewalls/Switches and stuffs. I am sure you get the picture. What confuses me is the product licensing of ASA5500. To be more specific, we are proposing certain things. And that came with the product pricing sets and all. But I amn't having a clear picture on ASA 5500 Strong Encryption License (3DES/AES). Does that come inbuilt(free) or should there be any pricing behind that!?

View 5 Replies View Related

Cisco Firewall :: ASA 5585 Multiple Context Licensing

Apr 27, 2011

I am looking to deploy a cloud/borderless network solution and cannot get my head around how the licenses (AnyConnect Mobile and essentials) will be applied in a multiple context deployment. Any correct documentation.

View 1 Replies View Related

Cisco Firewall :: ASA 5520 High Availability Licensing

Mar 20, 2011

A customer is currently running a 5520 ASA pair in active/standby HA mode. The devices also have an IPS module, one of them using a temporary (60-day) license.  So, right now, licensing is identical on both ASAs and HA is operational.
 
The question is what exactly will happen after 60 days, once the temporary license expires?  Does HA shutdown completely once it's determined that the licensing isn't a 100% match any longer, or does it just cripple one feature (such as the IPS module)?
 
The customer is balking at purchasing SMARTnet for the 2nd ASA, so I need to explain exactly what is going to happen (if anything) once the license on the 2nd ASA drops off...

View 4 Replies View Related

Cisco Firewall :: ASA5500 - AnyConnect Vs IPsec VPN Client Licensing

Sep 19, 2011

I was wondering if  it is needed to license the IPsec VPN clients in the ASA5500 firewalls...I know that you have license the SSL VPN peers (AnyConnect). I am almost sure that for the IPsec you don't have to.

View 1 Replies View Related

Cisco Firewall :: 5505 / 5585 - Licensing Change On ASAs

Jan 16, 2013

I just learned that the licensing structure for the ASAs is changing, but I don't have any details. We have roughly 30 ASAs (from 5505s to 5585s).  If there's a licensing change, I need to do an impact assessment and plan accordingly. 

View 5 Replies View Related

Cisco Firewall :: Difference ASA5510-BUN-K9 And ASA5510-Sec-Bun-K9

Jun 6, 2012

ASA 5510 have two model Bun-K9 and Sec-Bun-K9 from the datasheet find out difference Port related and Redundancy. My questions is : Have any major difference for Security service between two model ?

View 3 Replies View Related

Cisco Firewall :: ASA5510 - Unable To Ping From User Desktop To Firewall Inside IP

Jun 11, 2012

I am able to ping from Switch to firewall inside ip and user desktop ip but unable to ping from user desktop to  FW Inside ip.. config is below for both switch and FW Cisco ASA5510....
 
TechCore-SW#ping 172.22.15.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.22.15.10, timeout is 2 seconds:

[Code].....

View 7 Replies View Related

Cisco Firewall :: ASA5510 Secondary Firewall Crashes After Upgrade To 8.4.1

Jun 29, 2011

I have two ASA5510's set up in failover, and the secondary keeps crashing after doing the interface checks when bringing failover up. This only happens if I try to upgrade the image on the secondary to anything newer than 8.4.1 (I've tried with 8.4.1-11 and 8.4.2). The primary one run just fine with new images.
 
I don't have the exact error right now, as I need to do a screen capture from console. It's just a huge crash dump.Are there anything I might have missed during the upgrade? Should I cold-boot both the firewalls in the correct order?

View 7 Replies View Related

Cisco Firewall :: ASA5510 Firewall Transparent Mode

Sep 10, 2012

i have a ASA5510 in the office, that already configured 3 context, namely, admin, user, server.in the server context, the last running config was not saved, and there was a power trip last friday night. 1 of the sub interface was affected, and i need to recreate that interface.I am getting the below error, it only allow me to do changes those pre-defined interface.how to I create extra sub interface?

View 3 Replies View Related

Cisco Firewall :: ASA5510 Firewall Interface Speed

Jul 21, 2011

I have a ASA5510 and I have a question about the speed the ports can handle, here is one port:
 
-interface Ethernet0/2
- speed 100
-shutdown
- no nameif
-no security-level
-no ip address
 
it's ethernet and not fastethernet so I figure it will only go to 10Mbps, but at the same time I can hard code the speed to 100.

View 2 Replies View Related

Cisco Firewall :: Memory Upgrade Of ASA5510 Firewall

Feb 22, 2012

i have cisco ASA 5510 Firewall using  in my network, i have  planning  to upgrade the Flash  memory  from  256 mb  to  512 mb  and   the RAM  from 256 mb to  1GB.

View 1 Replies View Related

Cisco Firewall :: Asa5510 - How To Add Secondary Firewall

May 4, 2012

I have a cisco asa 5510 with security plus license in Live enviroment . I need to add a secondary firewall . I was planning to do in active /standby mode for failover .But i have a doubt , when i do "show version " on live asa output says Active /active failover , does this means that i can only configure failover in active/active mode not in active/standby (which i want to do )?

Maximum Physical Interfaces  : 8
VLANs                        : 20, DMZ Unrestricted
Inside Hosts                 : Unlimited
Failover                   : Active/Active
VPN-DES                      : Enabled
VPN-3DES-AES                 : Enabled
VPN Peers                    : 25
WebVPN Peers                 : 2
Dual ISPs                    : Enabled
VLAN Trunk Ports             : 8
AnyConnect for Mobile        : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions            : 2

This platform has an ASA 5505 Security Plus license...

View 4 Replies View Related

Cisco Firewall :: RDP Access Through ASA5510 Firewall?

Feb 12, 2012

i  am  using Cisco ASA5510 Firewall  in my  Network in the distrubition Layer .Private Range of Network Address  use  in the Network  and PAT  at the FW for  address translation.presently  encountering an issue  the users  behind  the FW  in my network  unable to  RDP  at port 2000  presented  at the Client Network.Able to Telnet  on port2000 but  not RDP .  any changes needed at the FW end  to  get the RDP Access.

View 12 Replies View Related

Cisco Firewall :: Using SCP On ASA5510

Mar 14, 2011

We have to use scp on all of our network devices.  It worked quite well on our routers and switches but I can't seem to get it to work for the firewalls and IPS.  I enabled scp on my ASA5510 using the command "ssh scopy enable".  I also ensured that a rsa key was generated and that ssh ver 2 was enabled.  But I can't seem to locate the commands to actually have my firewall either copy it's configuration to a server or reach out to a server to pull down a file.  We are using IOS 8.2(1).

View 1 Replies View Related

Cisco Firewall :: ASA5510 Rdp With QoS

Mar 22, 2011

I have a customer who wants to prioritze rdp traffic throgh the firewall.I know that its port 3389, but outgoing traffic is a random port number.Any smart way to catch this traffic and get it in the LLQ ?

View 3 Replies View Related

Cisco Firewall :: ASA5510 - IOS Upgrade From 8.0(3) To 8.2.5

Sep 13, 2012

we have ASA 5510 which we need to upgrade from 8.0(3) to 8.2.5. can we directly switch to 8.2.5 from 8.0(3) , if not what all versions we need to go from.
 
What all point needs to check before that following is show flash output.
 
97  14635008   
Jan 01 2003 14:12:16  asa803-k8.bin   98  4096 
May 14 2008 21:22:10  tmp    2  4096
Apr 20 2008 02:21:46  log    6  4096
Apr 20 2008 02:22:16  crypto_archive   99  6851212
[Code] .....

View 4 Replies View Related

Cisco Firewall :: ASA5510 Allow Traffic From DMZ To LAN

Sep 18, 2011

My device has 3 interfaces configured: inside, outside, DMZ.  Right now I can access the DMZ from the Internet and I can access the DMZ from the LAN using an exempt nat statement.  I am having a few issues setting up DMZ > LAN access however.  The servers running on the DMZ need to send information to my LAN such as syslog traffic for example.  Will DMZ traffic be NATed or should this somehow be excluded?  Bascially all LAN devices should get to the DMZ devices by their actual IP and vice versa.  Are there any special statements I need to add to the ASA such as nat or ACLs to make this work?  My LAN is 10.10.6.0/24 and DMZ is 192.168.254.0/24.

View 1 Replies View Related

Cisco Firewall :: ASA5510 Cannot Seem To Get From Inside To Outside

Oct 20, 2011

I have a ASA 5510 with asa8.4(2) and asdm6.4(5)205.  Have a new basic config, nothing special at this time.  I just cannot seem to get from the inside to the outside.  From the outside interface I can ping, so I have a good Internet connection. [code]

View 3 Replies View Related

Cisco Firewall :: ASA5510 8.4 DMZ Cannot Get To Internet

Apr 24, 2012

WE have a DMZ on ASA5510 8.4, it can access anything internal  interface but cannot get out to internet or outside interface. I try to ping from a host in the DMZ to 8.8.8.8 and get this in the log 6Apr 25 201208:24:431100038.8.8.80172.10.1.1501Routing failed to locate next hop for ICMP from outside:8.8.8.8/0 to inside:172.10.1.150/1. [code]

View 14 Replies View Related

Cisco Firewall :: To Upgrade To 2GB RAM In ASA5510

Apr 5, 2012

I am having ASA5510 firewall which has 1GB RAM currently. I want to upgrade to 2GB. When I opened the box, I can see only 1 slot to insert the RAM. I searched in Cisco website and I got to know that I need to use 2 x 1 GB RAM. So, I need to have 2 slots to do that. But,  I am having only 1 slot in the box.

View 5 Replies View Related

Cisco Firewall :: Alternative To PBR On ASA5510

Mar 30, 2011

We have an ASA5510 with a backup ISP connection protecting our corporate network.  I also have a mail server and I would like to route SMTP traffic over the backup network.  I realize that the ASA5510 does not support PBR, but I also know that I can use static NAT rules as a workaround to direct specific types of traffic over a particular interface (e.g. "static (outside,inside) tcp 0.0.0.0 www 0.0.0.0 www netmask 0.0.0.0" and "static (backup,inside) tcp 0.0.0.0 smtp 0.0.0.0 smtp netmask 0.0.0.0"). is it possible to use something similar to force a particular host to use a specific interface? I have tried to make this work on my own without success.  Is it even possible?

View 5 Replies View Related

Cisco Firewall :: ASA5510 IOS Upgrade From 7.04 To 8.2?

May 31, 2011

We are about to upgrade our ASA's from 7.04 to 8.2. Obviously I will be opening a TAC case to assist with the upgrade and I will also be upgrading ASDM software at the same time. These production firewalls are paired with an active --> failover scenario and not active --> active.  I had previously engaged cisco regarding the upgrade and they have recommended an upgrade path to ensure success. Also, I have a pair of test ASA's that I've gone through the upgrade process with - documenting the changes in commands and any changes in my config (I didn't notice any).So, the reason for my post is this: What are the gotcha's that you may have run into when upgrading your ASA's?These are fairly high visibility ASA's and any downtime due to the upgrade needs to be mitaged as much as possible.

View 1 Replies View Related

Cisco Firewall :: ASA5510 With 2811 ISR?

May 26, 2012

I have a 2811 ISR configured to provide the following services to my network:
 
Internet access to LAN users Cisco Call Manager ExpressSite-to-stie VPN to 3rd party networksVPN server to provide VPN access to remote usersSecurity Zone configurationsStatic NAT configurations Now I recently just got the ASA5510 device and I am not sure how to go about with the setup, whether to put the ASA in between the internet and the ISR (Internet - ASA - ISR - LAN), or put the ISR in between the internet and the ASA (Internet - ISR - ASA - LAN)?

While i know I can move most of the config unto the ASA, i know that the CME cannot be moved, hence I would like to do the setup such that users on the network still have access to CME.

View 5 Replies View Related

Cisco Firewall :: No Response From ASA5510

Apr 24, 2012

We have an ASA5510 and I am getting absolutely no response from the console port.  Not even a blip when I turn it on.  If I leave the compact flash in the internal bay, I get Green Power, Amber Status, Amber Active and Green VPN when I start it up.  The Flash LED flashes Green twice then goes out.  If I move the compact flash to the external bay, all of the other lights remain the same as described above but the Flash LED goes to steady Green.  How ever, there is still no response whatsoever from the console port.  Have replaced the DIMM but that had no effect.  This is a four (4) slot ASA5510 and I have just the one DIMM in slot P13 as described on a post I found.  The power supply fan comes on as well as the two (2) fans that cool the heatsink.  The other two (2) fans on the expansion module side do not come on. 

View 1 Replies View Related

Cisco Firewall :: Unable To Use RDP Through ASA5510

Aug 17, 2011

We just switched to a 5510 from a PIX 515 last evening, and the only things that are not working are any services from the outside to the inside.  Example: I am unable to connect to a RDP server on the inside from the outside.  I've been looking at the config for the past five hours, but am unable to see my mistake.  Running 8.2(1)   People on the inside are able to get out. 

domain-name aaaa.org
names
name 10.10.8.13 mailserver
name 10.10.8.12 video-conf
name 1.1.1.2 PubMail
name 1.1.1.3 VidCon
name 1.1.1.5 Ms-Aderson
!

[code] .......

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved