Garry is correct. Both boxes must be the same, including licenses.
Unfortunately, it doesn't work like the ol' days.
I brought this up (amongst other items) to the ASA PM recently.
tv
----- Original Message -----
From: "Garry" <[EMAIL PROTECTED]>
To: "Petreski, Samuel" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Friday, September 19, 2008 12:52 AM
Subject: Re: [c-nsp] Cisco ASA VPN Active/Standby - license requirements
Petreski, Samuel wrote:
Hi everyone,
I was wondering if any of you are running Cisco ASA 5500 in a VPN
failover
mode and if you would be willing to share the license requirements. I am
thinking of running two boxes in Active/Standby mode and was wondering if
I
need to purchase the same number of SSLVPN licenses for both boxes or
only
for one.
My understanding is that apart from the Security Plus license (which is
required for smaller ASAs at least), both boxes need to be identically,
which would include the user/ip limits, SSLVPN licenses, etc ...so in
contrast to "old times", where you'd have a cheaper second box PIX, you
now basically have twice the price in order to have HA ... makes sense
especially for Active/Active standby, as it's more or less load
balancing, too ...as for Active/Passive, which most of our customers
would require, I personally would have liked to see an "old option" with
lower additional cost ...
-garry
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
