I have a Cisco ASA 5500 Series appliance.I'd like to use the Embedded CA There’s no documentation which states an AnyConnect Essentials license will suffice, over an AnyConnect Premium.url... hints at Essentials being enough, as it specifically mentions some features require Premium, but I really need to be sure. Using AnyConnect Essentials (so, anyconnect essentials: Enabled) AND the Embedded CA?
View 1 RepliesWe upgraded and re-configured two existing ASA5520 platforms in order to provide an SSL VPN solution for one of our customers.
The customer opted to deploy AnyConnect Essentials the functionality / features they required for day one were catered for in the Essentials license and budget constraints meant Premium licensing could not be included in the original deployment.
The licenses added to the system were:
L-ASA-AC-E-5520= AnyConnect Essentials VPN License - ASA 5520 (750 Users)
ASA-AC-M-5520 AnyConnect Mobile - ASA 5520 (req. Essentials or Premium)
The customer is now seeing a growing number of mobile devices and wishes to support the BYOD culture growing within the business; as a result we now need to use features available in AnyConnect Premium. I am aware from reading the following document [URL] that AnyConnect Essentials and Premium licenses cannot co-exist on an ASA; I need to ensure we purchase the appropriate upgrade for the customer.
Is there an SKU to upgrade / migrate an existing Essentials deployment to Premium? I've reviewed the licensing guide and price list but cannot find a method which enables this transition.
Recently upgraded a 5510 to Anyconnect Essentials and Anyconnect Mobile, the device was Security Plus and is now Base. Is it supposed to work this way? I lost my Gigabit interfaces. Is it possible to have Security Plus + Anyconnect Essentials?
View 1 Replies View RelatedWe have instructed our user community to start their VPN sessions by connecting to our ASA 5520 with a browser to download (if necessary) and initiate the Anyconnect essentials VPN client. Everything was working fine until a few days ago.
We have had several people report the same problem. They connect with the browser, enter their login information and are greeted with our "authorized use only" message by the ASA. Then, instead of downloading (if necessary) and starting the VPN client software, the web page just goes back to the login prompt without displaying any error message. The client software is never downloaded or started.
We've been able to work around this by installing the client software manually (where necessary) and starting the VPN client from the start menu. However, this isn't our preferred solution because this method won't have them automatically picking up updated versions of the VPN client.
We have seen this behavior before when there was a pending Java update that had not been applied. However, that doesn't seem to be the case this time. Clients have recently updated to IE9, but I have personnally been running the Anyconnect client and launching through IE9 for months.
I have an ASA 5500 series and am looking to set up the AnyConnect VPN. Looking at this guide everything seems fairly straightforward. However, on the inside private network DHCP is setup and I was wondering if it was possible to just use DHCP instead of providing a static address pool? I did not see any option to do this.
View 1 Replies View RelatedI have purchased the ASA5512-K9 with the CX AVC and Web Security Essentials L-ASA5512-AW1Y as recommended by a Cisco pre-sales representative and my reseller for my environment. I had previously believed from the documentation on the Cisco site that all X generation models had the CX software included on them in the state that they are sold. Now in trying to configure the ASA5512, and with further reading of the setup documentation, I have discovered that I do not have the capability to access the CX functionality with this model 'as is', and this combination does not appear to be appropriate. It appears that the CX software module is not actually included on the ASA5512-K9 model, but rather only on the ASA5512-SSD120-K9 model.
If it is, should I exchange the ASA5512-K9 for an ASA5512-SSD120-K9 to get the combination of this subscription license and ASA model working. Am I correct in that the ASA5512-K9 model does not have a solid state drive on it already and so I can not download and install the CX software on it? As an alternative, is it possible to purchase a Cisco solid state drive seperately, plug it into the ASA5512-K9, download the CX software, and then install it on this new drive in the ASA5512-K9?
A make one BOM and i just ask my self can we order on the one platform ( for example 5510-SEC-BUN-K9 ) SSL Essentials license ( this license is on the platform by default we buy 250 users ) and i need 50 Users license from them to be Premium.
Can i buy those two license on the same platform and is this will work ?
I downloaded the ISO for SSE 2010, and the damned thing is too big to burn to a DVD5. I doubt seriously MS expects people to have Dual-Layer discs handy.Is this intended not to be burned, but installed from the desktop instead? I can open the ISO just fine with WinZip.
View 5 Replies View RelatedMy organization has about 15 workstations, all running XP Pro. Our server is running MS Server 2003.Is there a way to push Security Essentials definition updates to all these machines behind the scenes, rather than having each one download the updates individually?I would like to automate the process, if possible, so that once a week the update file is downloaded from MS update, then applied to all workstations, but I don't know where to begin.
View 6 Replies View RelatedI have a RV 120W router and SBS 2011 Essentials server. The remote access was working porperly, but now when I type the URL it brings up the RV login screen instead of the Remote Access sign in page. I am not certain what settings are messed up.
View 3 Replies View RelatedI had my external drive plugged into the e3000 with the network drive mapped on 2 laptops. One day my connection was slow so I backdoored the router ip (I didn't use cisco connect) to reset the router from my iPhone. I'm not sure exactly what was changed, but the partition disappeared from the drive. I've used a couple file recovery programs to try and retrieve the 250+ Gb data that was on the drive with no luck. They only find "deleted" files. Not the 13k files that were there and not deleted. The drive was never bootable. What to be used to recover the files.
View 1 Replies View RelatedI'm trying to use EPC on ASR1001 running IOS-XE 3.4, and it won't work. Configuration commands are accepted by the router, but there are no packets in the capture buffer.In release notes for IOS-XE, in the 2.5 section, there is a statement that EPC is not supported on ASR1k. Is it true also for newer versions of IOS-XR?
View 1 Replies View RelatedSetting up a new 1941w router. Already have another one offsite that's working great. Based the new configuration on the one I have working and can route traffic, etc. My problem with this new one is that I cannot get into the embedded AP to configure. My configuration follows this question. I have checked status of the interfaces and everything is up except VLAN2. I've used the command no shutdown within the VLAN2 interface, but the operational status is still reading down. The admin status is reading up. All other interfaces are up and up. [code]
View 3 Replies View RelatedI have a need to capture traffic on an ASR 1001 subinterface, but what I have found is that the Embedded Packet Capture feature is not supported on this platform. Are there any simple alternatives to capture egress traffic on a subinterface or am I SOL? This is a walk in the park on normal IOS routers...
View 1 Replies View RelatedCan the embedded AP be configured as a standalone AP without configuring the router's functions? I need to configure one temporarily until we get the 1252AP for the location.
View 1 Replies View RelatedI do not understand where in the CCP I can configure PAT for communication back 7960G VoIP phone with SIP firmware Maybe I'm wrong on the concept of communication pass back to the Voice VLAN.
View 1 Replies View Related I have a Cisco 881G with PCEX-HSPA-3G card for which I have successfully configured for internet. As the above one has come to end of life, we got the replacement 881G with embedded 3G modem.
I can't get Cellular 0 to use ppp encapsulation:
Router(config-if)#encapsulation ppp
Cellular0: Only SLIP encapsulation supported
Router(config-if)#
[Code].....
Using EMM as a nice friendly interface for their terminal server (ie router with NM-16A and octal cables)?when I ask the framework to run the following command it gets stuck will a blinking cursor and clear screen
<IOSExecCommand>"connect 10.1.1.1 2000"</IOSExecCommand>
however removing the port number allows it to connect fine.
<IOSExecCommand>"connect 10.1.1.1"</IOSExecCommand>
same symptom if iI were to replace connect with telnet
<IOSExecCommand>"telnet 10.1.1.1 2000"</IOSExecCommand>
even setting up an iphost does the same ie:
ip host R1 2000 10.1.1.1
<IOSExecCommand>"connect R1"</IOSExecCommand>
All of these commands work fine from the # prompt
i cann't enable embedded-Service-Engine on cisco2911 router.
View 3 Replies View RelatedI'm working on a 892W router.To close the session between the wireless device and the router's console, the command Control-Shift-6 x is required.The Issue is that this command is not working for me. I'm using a SuperPuTTY connecting tool.
View 7 Replies View RelatedI done had dis sylvania 7" for 7 months and i keep gonna on google to try and fix it. i took it to a computer store and it took dem a month to fix it and when i got home i still could not get on da net i have tried everything on Google and dat dont work i got clear and hot spots. I am ready 2 throw dis thing in da trash and i didnt get 2 play wit it yet?
View 3 Replies View Relatedi got some problem configuring my cisco 887VAW internet access point.I want to be able to manage it thru ssh console with the service-module wlan-ap0 session mode. And i want to access thru http but it's not working too I show you my config
This is my config :
Current configuration : 3281 bytes
!
! Last configuration change at 21:43:11 UTC Fri May 18 2012 by jon
! NVRAM config last updated at 21:46:05 UTC Fri May 18 2012 by jon
! NVRAM config last updated at 21:46:05 UTC Fri May 18 2012 by jon
version 15.1
[code]....
Sure this is a simple one. New to the 1900 series routers, have a 1921 with IOS 15.1. Noticed that there is a standard interface labeled Embedded-Service-Engine0/0. What the purpose of this is? Cannot seem to find any detail on it. See extract from default config below.
View 5 Replies View RelatedIs there any way to add an E1/T1 WIC to the 5915 Embedded Service Router?
Can I add any additional cards to it?
I've done quite a bit of work with Cisco kit before (it isn't my speciality, however) and am currently working on setting up the embedded Access Point in a Cisco 1941w ISR.
The primary router is working fine, but I'm getting no where with the embedded Access Point. The whole IOS within an IOS just doesn't compute for me.
Our requirements are really simple.
We have a 10.0.0.0/24 internal network. We want users to be able to access this via the 1941w Wireless Access Point, in the same way that wired users access this via the Ethernet port.
The manual re. setting up the AP gives an example where IP addresses are applied to the AP, which doesn't make sense to me, as we simple want the AP to sit on the same VLAN as the ethernet port.
How the AP is supposed to interface with the primary router? Also, we want to use a WPA secret key to authenticate to AP. Is this possible? The Cisco docs seem to suggest that WPA is only possible through some 3rd party server.
I have EEM configured on cisco 3560 switch. The configuration is below. I want that switch inform me through email when device with particilular IP address become unavailable. I already try to debug this with debug event manager action mail but didn't see any output. [code]
View 2 Replies View RelatedI simply need to recover an embeded access point password.
I have the passwords to the 881-w router, but passwords to the embedded access point I don't have.
What is the recovery process for it, or the password reset process for the embedded access point.
I have removed an embbedded service engine modole from an 2951 router, after reboot the rouiter. the service engine interface still appears; any command can I use to completely remove it.
View 2 Replies View RelatedHow to successfully manage to configure ACS 5.1 to accept log in request from a 5500 WLC?
I've managed to get it configured following the follow link [URL], but when I try to log in to the WLC using my ACS credentials I just get the log in screen again. I've checked the ACS logs and it says my username has passed the authentication process and it matches all the rules I've set. The only thing I've noticed is my "Privilege Level" is only 1 but I'm not sure if thats correct for a HTTP log in.
We have a WLC 5500 apliance, but i have a problem, the APs have a administrative IP in a diferent segment, only conected to WLC the AP have same segment of the management interface, the 5500 don´t have APmanager interface.How configurate the WLC to conected and administrate all AP with different segment IP
Product Version.................................. 6.0.182.0
chasis: AIR-CT5508-K9
Due to lack of address space, I have to go to NAT for our wireless guest users.Are there any limitation with WLC/NGS when comes to NAT?I have four 5500 WLCs, should I put them in 1 mobility group, at 2 different locations?
View 1 Replies View RelatedWe have a customer requirement of providing secure connectivity from Remote Office to HQSame time to provide certain level of layer 3 redundancy via secondary link should the primary link fail We are looking at ASA5500 series firewall for both Remote office and HQ.Can this be done?
View 3 Replies View RelatedWe have a single 4404 that was setup long before I arrived with Guest networks that timeout and other such tweaks. Is there a document somewhere that shows a way to migrate the old settings to a new 5508 that we are purchasing? By the time the 5508 arrives I will have a very small window to setup the unit before a new wing goes live. I need the new unit as we have reached our limit of licensed AP's on the old 4404. It seems like everyone keeps talking about an easy way but no one says how to do it.
I have never setup one of these units before from scratch so I don't know how long it will take.