Regarding licensing, which option will allow IKEv2 connections on the adaptive security appliance?
A.
AnyConnect Essentials can be used for Cisco AnyConnect IKEv2 connections.
B.
IKEv2 sessions are not licensed.
C.
The Advanced Endpoint Assessment license must be installed to allow Cisco AnyConnect
IKEv2 sessions.
D.
Cisco AnyConnect Mobile must be installed to allow AnyConnect IKEv2 sessions.
b)
http://www.cisco.com/c/en/us/products/collateral/security/anyconnect-secure-mobility-client/qa_c67-712937.html
@sd
Could you please elaborate why is B) IKEv2 sessions are not licensed. correct answer?
According to link you provided:
” Starting with Cisco AnyConnect Secure Mobility Client Version 3.1, ESPv3 with IKEv2, 4096-bit RSA key operations, and Diffie-Hellman group 24 are included in both Essentials and Premium licenses on the ASA. NSA Suite B algorithms for remote access require an AnyConnect Premium license on the ASA. ”
This means that A) AnyConnect Essentials can be used for Cisco AnyConnect IKEv2 connections. should be the correct answer, no?
Correct answer is A.
Note: IKEv1 IPsec sessions are not licensed, and the maximum number of sessions available equal the maximum number available for the ASA platform used. IKEv2 site-to-site VPNs are not licensed either.
IKEv2 IPsec remote-access VPN sessions are available for use only with the AnyConnect client and as such are licensed using the same AnyConnect Essentials or AnyConnect Premium licenses used with SSL VPNs.