Re: ASA 5550 question

I don't think it's a licensing thing- I think it's a context thing. Have you
tried this at the ADMIN context, and then filtering at the Fxxxxt context? We
don't run our ASA's with Contexts where VPN's terminate.

Cisco TAC?
 
 
Regards,
Jay McMickle- CCNP, CCSP, CCDP, MCSE
________________________________
From: Shaughn Smith <maniac.smg_at_gmail.com>
To: Joseph L. Brunner <joe_at_affirmedsystems.com>
Cc: Cisco certification
<ccielab_at_groupstudy.com>
Sent: Wed, October 6, 2010 2:11:51 PM
Subject: Re:
ASA 5550 question

I wouldnt mind putting in a checkpoint but the client is a
Cisco house.

Any way around this issue ? Are they going to have to pay for
new licensing
?

On Wed, Oct 6, 2010 at 9:09 PM, Joseph L. Brunner
<joe_at_affirmedsystems.com>wrote:

> Crypto not allowed partner...
>
> Sorry...
>
> Time for a checkpoint
>
> -----Original Message-----
> From:
nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Shaughn
Smith
> Sent: Wednesday, October 06, 2010 3:06 PM
> To: Cisco certification
>
Subject: ASA 5550 question
>
> Hi All
>
> I have a Cisco ASA 5550 running
which in turn is running 3 contexts.
>
> Everything has been running smoothly
but now the client is asking for Ipsec
> remote access VPN's.
>
> I have no
issue configuring this as i have done it 100 times before,
> however
> when i
type the crypto ipsec command i get this as an option
>
> Fxxxxt(config)#
crypto ?
>
> configure mode commands/options:
> ca Certification authority
> key Long term key operations
>
> ie IPSEC is not supported. Now i dont
know if this is a licencing issue or
> an actual software version
>
> Here is
the SH VER output
>
> icensed features for this platform:
> Maximum Physical
Interfaces : Unlimited
> Maximum VLANs : 250
> Inside Hosts
            : Unlimited
> Failover : Active/Active
>
VPN-DES : Enabled
> VPN-3DES-AES : Enabled
> Security Contexts : 2
> GTP/GPRS : Disabled
>
SSL VPN Peers : 2
> Total VPN Peers : 5000
>
Shared License : Disabled
> AnyConnect for Mobile :
Disabled
> AnyConnect for Linksys phone : Disabled
> AnyConnect Essentials
    : Disabled
> Advanced Endpoint Assessment : Disabled
> UC Phone Proxy
Sessions : 2
> Total UC Proxy Sessions : 2
> Botnet Traffic Filter
      : Disabled
>
> This platform has an ASA 5550 VPN Premium license.
>
>
Says 3DES-AES is enabled but that might be for SSL VPN's. I have really
> done
> any research yet but sure it has to do with the VPN Premium licence.
>
>
Thanks
>
>
> Blogs and organic groups at http://www.ccie.net
>
>
Received on Thu Oct 07 2010 - 17:03:17 ART