Clicky

Hi Experts,

I have a Cisco ASA 5505 router with a base license (10x inside hosts, 3x VLAN, 25x VPN). It looks like it needs to upgrade to a "Security Plus" license, so I can increase the numbers of VLANs and "Inside Hosts".

The problem I encounter is that it's easy to find the price for such an upgrade license. But it is not so easy to find out what you get for your money. I contacted Cisco but they're not willing to answer the question, because I need to talk to one of their "partners" -- I'm still waiting for a phone call.

So maybe one of you can help me out? My two questions are:

1. How many "Internal Hosts" do you get - with an upgrade license?
2. How many VLANs do you get - with an upgrade license?

I'm assuming here that the upgrade license is the "ASA5505-SEC-PL" as mentioned on this page:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80402e36.html

Where the description of the license isn't clear either (copy/paste from the Cisco webpage):
Cisco ASA 5505 Security Plus license (provides stateless Active/Standby high availability, dual ISP support, DMZ support, VLAN trunking support, and increased session and IPSec VPN peer capacities)

asked 12/02/2011 11:02

Mac2010's gravatar image

Mac2010 ♦♦


7 Answers:
Checkout:
http://www.cisco.com/en/US/docs/security/asa/asa82/license/license82.html#wp204305

There doesn't seem to be a restriction of the number of internal hosts.
With Security Plus you go from 3 to 20 VLANs and get to do up to 8 trunks.
link

answered

Frabble's gravatar image

Frabble

Oops. There is a user restriction. You will need to buy the additional user optional license for either up to 50 or unlimited users.
link

answered 2011-12-03 at 07:21:29

Frabble's gravatar image

Frabble

Hi,
I believe you need the following part number:
L-ASA5505-SEC-PL=

this will give you
1. DMZ unrestricted access (previously restricted)
2. 20 VLANs (previously 10)
3. 50 inside hosts
4. Failover will be possible
5. 25 VPN peers (previously 10)
6. Dual ISP enabled
7. 8 VLAN trunk ports (previously 0)

hope this helps
max
link

answered 2011-12-03 at 07:24:17

max_the_king's gravatar image

max_the_king

Thanks, both of you!

@Max
Do you have a link confirming the specifications, preferably on the Cisco website? Just to make sure there are no surprises after purchasing the license. My reseller has it in stock, but as at most resellers, listed without licese details on the website.
link

answered 2011-12-04 at 02:41:07

Mac2010's gravatar image

Mac2010

hi, correct part number is with a 50 in it since you upgrading from 10 users. I can post the link later or tomorrow as soon as i grab on my pc. Max
link

answered 2011-12-04 at 03:34:35

max_the_king's gravatar image

max_the_king

ok, here you have 2 links describing what I wrote before

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html#~mid-range

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

However I believe that in addition to your Sec Plus license upgrade, you will need to obtain a new license to upgrade the number of users. For example, ASA5505-SW-10-UL  will upgrade users from 10 to unlimited. Or ASA5505-SW-10-50 will upgrade from 10 to 50 users.

As for the Sec Plus license i confirm what i wrote in my previous post (I did it a few times before) for a few customers.

max
link

answered 2011-12-04 at 03:42:22

max_the_king's gravatar image

max_the_king

Thanks for helping me figuring this out! It's bizarre Cisco makes it so hard to buy the correct upgrades.
link

answered 2011-12-04 at 12:07:41

Mac2010's gravatar image

Mac2010

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×6
×85
×59
×16
×42

Asked: 12/02/2011 11:02

Seen: 275 times

Last updated: 12/08/2011 02:55