Solved

Cisco ASA 5505 - 10 user license problem

Posted on 2013-01-31
8
1,055 Views
1 Endorsement
Last Modified: 2013-01-31
Experts,

I am configuring a Cisco ASA 5505 with a 10 User license, any way around that?
From what I understand I can only get 10 hosts running traffic.

Can I purchase/upgrade to fix it?

Any suggestions are appreciated.
1
Comment
Question by:RandallVillalobos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 38842119
Contact your Cisco reseller, there are 50 user and unlimited options.

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80402e36.html

Look at table #1
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 250 total points
ID: 38842120
You can purchase add-on licenses to upgrade the allowable host count.
The only other way around this would be to remove the default gateway from all devices that don't actually need to use the firewall to access the internet or vpn resources. This method is great if you have 8 pc's and 5 printers because you can just remove the gateway on the printers and life is good.

Usually it's best to pony up and purchase a license and avoid the duct-tape network solution where you pick and choose who can touch the firewall and obtain the mystical host licenses.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38842126
To upgrade to 50 users the part number is ASA5505-SW-10-50=.

To upgrade to unlimited users the part number is ASA5505-SW-10-UL=.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:RandallVillalobos
ID: 38842132
Thank you for the information, based on this I have the following questions:

1. If I have 50 users connecting from an outside/Internet location to my MailServer or Webserver, will it MAX OUT my 10 user license?  Or is the license only for Outbound (lan to internet) connections?

2. If I have a proxy server and a mail server, in good theory, I will only need 2 of the 10 users license.  Is this correct?

I am thinking of only allowing internet access to my PRoxy and my Mail Server, that way I do not need all the licensing.  (Assuming that Inbound-Internet connections do not count)

Reading the following link, it makes me believe that Inbound connections do not count:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/license.html#wp1141801

Thanks for any suggestions
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 38842185
Are you running in routed mode?  If so:

#1) If you have a web server and a mail server on your internal network that have active connections that would count as "2 users."  Does not matter how many IP addresses on the outside are talking to it.

#2)  Correct, if you only have two devices on the inside that access the Internet or are accessed from the Internet it is only "2 users."

If you are in bridged mode, then the side with the least number of IP address/hosts counts.
0
 

Author Comment

by:RandallVillalobos
ID: 38842387
Giltjr,

Newbie question...how do I know if the ASA is on router mode or bridge mode?

I have the Cisco ASA connecting to the internet, behind the firewall I have 1 flat network (LAN)

Thank you!
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 38842433
The asa is in routed mode by default. In transparent mode, the config begins with "firewall transparent "
0
 

Author Closing Comment

by:RandallVillalobos
ID: 38842450
Thank you for all the help
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Make the most of your online learning experience.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question