Solved

Do I need a Security Plus license on my ASA for multiple external IP's?

Posted on 2009-07-08
5
434 Views
Last Modified: 2012-05-07
I have a client who wants to upgrade from their basic license on their ASA 5505 so that they can have multiple External IP's.

I wasn't sure if this was necessary(cisco doesn't list anything like that in their side by side comparison). Can someone clarify?
0
Comment
Question by:swrighthm
5 Comments
 
LVL 1

Accepted Solution

by:
ForsakenSA earned 150 total points
ID: 24808351
Cisco ASA 5505 Security Plus license provides stateless Active/Standby high availability, dual ISP support, DMZ support, VLAN trunking support, and increased session and IPSec VPN peer capacities.
0
 
LVL 9

Assisted Solution

by:Donboo
Donboo earned 100 total points
ID: 24808802
If you mean multiple external IP as in IP addresses from2 different ISP then yes else no.
0
 
LVL 1

Assisted Solution

by:ForsakenSA
ForsakenSA earned 150 total points
ID: 24808839
Agreed, as if they are coming from same ISP, the routing will be the same.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 24810033
Like everyone above is saying,
If they are getting multiple IP addresses from the same ISP, then they do not need the upgrade.
If they are getting IP addresses from multiple ISP's, then yes, they need the upgrade.
0
 
LVL 7

Expert Comment

by:Boilermaker85
ID: 24813357
Perhaps what the original question is asking is this:

Can the ASA 5505 be configured with an interface IP, and also proxy arp for additional IPs associated with Static statements. Ie., when you want to expose an internal web server, you create these:
static (inside,outside) outside_ip inside_ip netmask 255.255.255.255
access-list acl_outside_in permit tcp any host outside_ip eq www
The ASA will now accept connections on port 80 to the outside_ip, which is in the same subnet as the ASA outside interface IP, but the ASA translates the sessions to the internal IPs. Now an ASA is using multiple IPs on the outside interface.  (note, you must have a subnet assigned to you from your ISP that you can use the addl addresses for these Static statements)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Lync - CUCM Integration Question 2 29
Cisco ASA 5505 Login issues 2 38
Failover VPN Question Sonicwall 5 34
Public IP Address - Subnet 4 18
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question