VPN Site-to-Site or VPN Client Server with Cisco IP Phone 8941 and 8945

Hi everyone,
I decide to deploy a CUCM (BE6K platform), SX20, and IP Phone 8941/8945 on Head Office and Cisco SX10 and IP Phone 8941/8945 for branch offices (actually 9 branch offices).
The connection will use internet connection for HO and each branch offices.
And the IT guy want to use kind a VPN client server or VPN site-to-site for the connection through internet,
what kind of VPN client server or VPN site-to-site that recommended for this deployment?
and what type of Cisco router that support that kind of VPN (the cheapest one will be great)?
So the SX10 and IP Phone 8941/8945 in branch offices can work properly through internet connection?
please advise

Hi Leo,
technically, the ipsec users will not use up any premium license seats, so if you have 10 ipsec users connecting first, the premium seats are still free and so you can then still have 10 phones/anyconnect users connect.
However, the 250 you mention is the global platform limit, so it refers to the sum of premium and non-premium connections. Or in other words, you can have 240 ipsec users and 10 phones,  but not 250 ipsec users and 10 phones.
If 250 ipsec users and 10 phones would try to connect, it would be first-in, first-served, e.g. you could have 248 ipsec users and 2 phones connected.
Note: since you have Essentials disabled I'm assuming you are referring to the legacy "Cisco vpnclient" (IKEv1 client) which does not require any license on the ASA. But for the benefit of others reading this thread: if  you do have Anyconnect clients (using SSL or IPsec/IKEv2) for which you currently have an Essentials license, then note that the Essentials and Premium license cannot co-exist. So for e.g. 240 Anyconnect users and no phones, you can use Essentials. For 240 Anyconnect users and 10 phones, you need a 250-seat Premium license (and a vpn phone license).

Similar Messages

  • Exchange 2010 server with 2 DAG servers - DAG1 and DAG2 - backup with 2 DPM servers one for each DAG server

      Please advice, i have an Exchange 2010 server with 2 DAG servers - DAG1 and DAG2 - backup with 2 DPM servers, one for DAG1 and one for DAG2 is it possible ?

    I confirmed with Exchange support team that DAGs could be backed up separately.
    Meanwhile backup database is important if you need to recover both Exchange server settings and database. See:
    Recover a database availability group member server
    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Configuring Radius server with Cisco MDS - 9606 switch

    Need help in configuring Radius server with cisco MDS - 9606
    please let me know if any document available

    rtt min/avg/max/mdev = 0.260/0.327/0.468/0.077 ms
    IFCBCCEMCSW2# sh version
    Cisco Storage Area Networking Operating System (SAN-OS) Software
    TAC support: http://www.cisco.com/tac
    Copyright (c) 2002-2008, Cisco Systems, Inc. All rights reserved.
    The copyrights to certain works contained herein are owned by
    other third parties and are used and distributed under license.
    Some parts of this software may be covered under the GNU Public
    License or the GNU Lesser General Public License. A copy of
    each such license is available at
    http://www.gnu.org/licenses/gpl.html and
    BIOS: version 1.1.0
    loader: version 1.2(2)
    kickstart: version 3.3(1c)
    system: version 3.3(1c)
    BIOS compile time: 10/24/03
    kickstart image file is: bootflash:/m9500-sf1ek9-kickstart-mz.3.3.1c.bin
    kickstart compile time: 5/23/2008 19:00:00 [06/19/2008 23:56:56]
    system image file is: bootflash:/m9500-sf1ek9-mz.3.3.1c.bin
    system compile time: 5/23/2008 19:00:00 [06/20/2008 00:26:51]
    cisco MDS 9506 ("Supervisor/Fabric-1")
    Intel(R) Pentium(R) III CPU with 1028596 kB of memory.
    Processor Board ID JAB094300ER
    bootflash: 250368 kB
    slot0: 0 kB

  • Linux ntp server with cisco 3850

    hi all
    i'm trying to make sync with linux ntp with cisco 3850  here is the what i did
    linux centos 6.5 (on the ucs virtual machin) . this is a ntp server
    For more information about this file, see the man pages
    # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
    driftfile /var/lib/ntp/drift
    # Permit time synchronization with our time source, but do not
    # permit the source to query or modify the service on this system.
    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery
    # Permit all access over the loopback interface.  This could
    # be tightened as well, but to do so would effect some of
    # the administrative functions.
    restrict -6 ::1
    # Hosts on local network are less restricted.
    restrict mask nomodify notrap
    # Use public servers from the pool.ntp.org project.
    # Please consider joining the pool (http://www.pool.ntp.org/join.html)
    #server 1.centos.pool.ntp.org iburs
    #server 2.centos.pool.ntp.org iburst
    #server 3.centos.pool.ntp.org iburst
    fudge stratum 2
    #broadcast autokey        # broadcast server
    #broadcastclient                        # broadcast client
    #broadcast autokey            # multicast server
    #multicastclient              # multicast client
    #manycastserver         # manycast server
    #manycastclient autokey # manycast client
    # Enable public key cryptography.
    includefile /etc/ntp/crypto/pw
    # Key file containing the keys and key identifiers used when operating
    # with symmetric key cryptography.
    keys /etc/ntp/keys
    # Specify the key identifiers which are trusted.
    #trustedkey 4 8 42
    # Specify the key identifier to use with the ntpdc utility.
    #requestkey 8
    # Specify the key identifier to use with the ntpq utility.
    #controlkey 8
    # Enable writing of statistics records.
    #statistics clockstats cryptostats loopstats peerstats
    and cisco 3850  configured this one
    ntp server
    show ntp status
    clock is unsynchronized, stratum 16, reference is null
    why...didn't work.. somebody help me..

    Is there a typo in your post or configuration? You show the NTP server IP address as, but the router configured to use

  • EAP Chaining with Cisco ACS 5.x and the Cisco Anyconnect NAM Client

    Hi Guys,
    Whilst I’m well aware of the limitations of the built in the windows Wireless 802.1x supplicant. Is there a way, using the NAM client to authenticate both a computer and a user simultaneously, when used for authentication to wireless networks?
    As has been posted many times before on this forum, this isn’t possible due to windows not authenticating with the 'computer account' whilst the user is logged in, but with the NAM client it seems possible to do both user and computer authentication based on the options it gives you with EAP-Fast and 'EAP Chaining'.
    Can anyone validate this is possible? I have the design guide for exactly this for Cisco ISE but i need it to work on ACS (5.x).
    Thanks in advance.

    Bobby, I ran into the same issue with the "15015 Could not find ID Store" issue.  It turned out to be an issue with communication between the ACS and AD.  It looked like AD was connected successfully, but until I rebooted ACS, I kept getting the same error.  It was like it couldn't see the AD security groups even though it could scan the AD tree successfully.
    So, try rebooting ACS if you haven't already and see if that resolves the error.

  • Windows 2k8 Radius Server with Cisco Wireless Controllers

    We currently are using a Cisco 4400 wireless controller with an older Cisco Secure ACS appliance that is going EOL.  My hope was to just connect our 4400 Wireless Controller to a Windows Server 2008 Radius Server (Just using Microsoft's Network Policy Server) but have not had any luck in getting this to work.  Does anyone have an easy to follow set of instructions on configuration of Microsoft Windows Server 2008 NPS for use with Cisco Wireless Controllers?  Any advise would be greatly appreciated.
    Thank You,

    Hi NPT,
    Here is the post which may help you!!

  • Starting a server with urban terror 4.1 and it just hangs

    yeah, I'm trying to experiment with hosting a server with urban terror 4.1. I go through the trouble of setting up the server with my desired settings and when i hit the start server button, it closes and hangs with 100% cpu utilization. could it be the new xorg or maybe the new xfce 4.6.1? i can set up a server as "Dedicated: NO" and I can play alone on localhost, it hangs when i set it up as a LAN server or internet server.
    I have xfce 4.6.1, nvidia 8500 gt graphics card, everything is up to date.

    I know this's a really old post, but solution for this problem is a write Your hostname instead of "localhost" on screen with server setting.

  • Install database server with the existance of 9iAS and internet directory

    I want install the 9i database to a Sun Unix system. But that system already has the internet directory and 9i application server with the infrastructure. What are those steps I should follow to install the database?
    Where can I find any documentation about the coexistance of internet directory, 9i AS and 9i database?
    Thank you for your help.

    Just install it in a separate ORACLE_HOME.

  • Will Nortel's Contivity VPN Client work with Cisco's VPN 3000 concentrator?

    Hi, need help. We have VPN 3000 concentrator and a number of VPN clients (these are using Cisco VPN client).
    We have one user that wants to use Nortel's Contivity VPN Client. Will this work with the Cisco COncentrator 3000?

    Tricky question - in theory yes, if the nortel client follows all the ISPEC RFC's.
    I did try to get the cisco VPN client working on a Nortel Contivity once - did not get it working - but did'nt have that much time to test and get it working.
    My advise - Configure, TEST DEBUG TEST DEBUG!

  • I have a mac mini server with leopard, macbook pro, imac and iphone 4 i would like to use the server as the host for all mail, contacts, directories, intranet etc i would like all devices to have mail pushed using outlook as the prefered mail client?

    can anyone shed some light on how to do this i am currently using the server as a file storage system but feel it can deliver far more; ideally i would like the following;
    email to push to all devices once sent form one device all devices have a copy of the sent item
    accounting software that is shared on the server
    access the files and directories securely form anywhere
    create and host an intranet site
    any ideas of how to setup easily or step by step guides
    help would be greatly appreciated

    Start by getting DNS properly configured. If DNS isn't properly configured, most other services won't work right.
    Then, the OS X server documentation will provide a wealth of knowledge on configuring services.

  • Client-server with  JMX

    I looking for google many time but I dont find an example of solution for my problem. I try to build a server who can exposed a MBean for some clients. For this part it's correct, but when I try to serialize the subclass of my Mbean and I try client-side to chatch them that doesnt work.Do you know how to make that ?
    here un example... but it's my structure is correct to support serializable ? ... and how to set server-side to exposed the Child Class to client ?.. i know for the mbean its correct.. but the subclass..
    public class helloMBean extends Remote{
    public List<Child> getListChild();
    public class hello implement HelloMBean{
    List<Child> lstChild;
    String NameParent;
    lstChild = new ArrayList<Child>();
    public List<Child> getListChild(){
    return lstChild;
    public String getParent()
    return NameParent;
    public void setParent(String name)
    NameParent = name;
    public class Child implements Serializable{
    String Name;
    public Child()
    Edited by: user10365284 on 8 nov. 2012 17:29

    I checked class AuthenticatedUser which does implements java.io.Serializable through interface UserInfo.
    // Compiled from AuthenticatedUser.java (version 1.4 : 48.0, super bit)
    public class weblogic.security.acl.internal.AuthenticatedUser implements weblogic.security.acl.UserInfo {
    // Field descriptor #50 J
    private static final long serialVersionUID = 6699361079932480379L;
    // Field descriptor #55 Ljava/lang/String;
    public static final java.lang.String REALM_NAME = "wl_realm";
    // Field descriptor #50 J
    private long timeStamp;
    // Field descriptor #55 Ljava/lang/String;
    private java.lang.String name;
    // Field descriptor #59 [B
    private byte[] signature;
    // Field descriptor #61 B
    private byte qos;
    // Field descriptor #63 Ljava/net/InetAddress;
    private java.net.InetAddress inetAddress;
    // Field descriptor #63 Ljava/net/InetAddress;
    private java.net.InetAddress localAddress;
    // Field descriptor #66 I
    private int localPort;
    // Field descriptor #68 Ljava/lang/Object;
    private transient java.lang.Object sslCertificate;
    // Field descriptor #70 Ljava/lang/Class;
    static synthetic java.lang.Class class$weblogic$security$acl$internal$AuthenticatedSubject;
    // Field descriptor #70 Ljava/lang/Class;
    static synthetic java.lang.Class class$weblogic$security$acl$internal$AuthenticatedUser;

  • Sending object between client server with some class without serializable

    Hi friend,
    I need to send the object from server to client via ObjectInputStream and ObjectOutputStream, however, in these objects, some are implements by others, no source code provided, which haven't implement serizlizable, so does anyone can tell me what I can do?
    Thanks your concern.

    Anyone can help? It is urgent!

  • Client-Server with LabVIEW

    I have the following Situation , I want to Setup the Labview College License at a Server and make some Clients (the Students) fully accessing the labview on this server Simultaneously, How can i do this? 

    Hello Ahmed,
    There are two ways to increase the number of licenses available in VLM.
    1.) Obtain a new license file from National Instruments.  In addition to the information specified in the linked KB, also include the changes you want to make to you license (add X number of seats).  Then you install this new license file and you will be able to check out more licenses.
    2) Enable Overdraft in Volume License Manager. Go to Options»Preferences»Policies, and enable the overdraft policy for VLM.  This will allow you to check out more licenses than you have, but you will have to pay for all of the extra usage when you send in your activity log at the end of the yearly contract period.
    Also in relation to the previous question you asked about the installation of LabVIEW.  I would recommend looking at this article on Volume License Installers, which gives you a nice way to install software from a central location (network) and ensure that the clients who install it will automatically begin checking out their licenses from the VLM server.
    John B.
    Applications Engineer
    National Instruments

  • Problem client/server with GUI

    I have a problem with a project im working on. I have a main method that has an infinite loop but before it enters the loop, i draw the GUI. I put a simple print statement and found that it goes through the loop once. Can someone help me to figure out why the file does not send. I tried running this code without the GUI and the file sends.
    here is the code:
    public static void main(String[] args) {
              final String PATH = "/home/dford/Desktop/";
              ClientGUI display = new ClientGUI();
                   Download[] download = new Download[5];
                   int downloadIndex = 0;
                   ServerSocket welcomeSocket = new ServerSocket(9876);
                             Socket connectionSocket = welcomeSocket.accept();
                             if(downloadIndex < 5)
                                  download[downloadIndex++] = new Download(connectionSocket,
                                                                                     PATH + "snake.c");
                        catch(Exception e){}
                        System.out.println("Got here");
                        for(int i=0; i<downloadIndex; i++){
              catch(Exception e){
         }**And im trieing not to use Threads, but if i have to please let me know.
    Edited by: dford425 on Mar 18, 2008 8:03 PM                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

    nevermind, i figured it out

  • Print Server with Apache Tomcat 6.0 and Cocoon 2 Problem...

    My company have 2 server, (9i - APEX_3. and (10g - APEX_3., both in Http server running in OEL 4.0.
    I tried the following cocoon installation in other window server,
    and I set both APEX Instants Setting, the report printing setting according to the installation above.
    The 10g apex run perfectly, however the 9i apex cannot print pdf report. the following is the error message show when i click on the export pdf button.
    The webpage at http://server9i:7777/pls/apex_camnet/f?p=105:1:3689040380318743457:PDF: might be temporarily down or it may have moved permanently to a new web address. Error 324 (net::ERR_EMPTY_RESPONSE): Unknown error.
    Before i add the print server to (9i), the pdf can be export, however no content inside the pdf, some corrupted detected, but when I added the report printing setting, the message above shown.
    Is this because of the version of database? or the version or APEX? or other matter i did not aware?
    Pls Help.
    ~ vincent
    Edited by: kiddoo_81 on Dec 23, 2010 2:08 PM

    Anybody? any suggestion?
    Thank you.

Maybe you are looking for

  • Licence   is not included for the material - J1IH

    Hi All We are working on ECC 6.0. While doing J1IH ( Additional Excise) with Subtransaction Type 01, we are getting a warning message as - Licence   is not included for the material Message no. 8I993 However if we process without any Subtransaction T

  • Automated Launching of an X11.app

    I have an application called StarTeam that runs under X11. To get it launched I have to do the following: launch X11 type "export DISPLAY=localhost:0.0{enter} launch ~/starteam-en-10.4.7-java/starteam I'm more of a GUI type of guy and was wondering i

  • AVIS selection parameter - wrong result  in VL31N list

    Hello! I crete inbound delivery from VL31N using order list. Default selection parameter is "AVIS". Result list for delivery creation contains partialy delivered orders with "delivery completed" indicator is set. When I try to create delivery for the

  • Transit corrency conversion (JPY- USD- EUR)

    Hello, I would like to convert currency from once translated value. That is.. <currency rate> 1JPY = 0.01 USD (100JPY = 1USD) 1USD = 0.833 EUR (1.2 USD = 1EUR) 1JPY  = 0.0067 EUR (150 JPY = 1EUR) <report> 100 JPY is stored on Infoprovider case 1 JPY 

  • Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/commo

    I have a simple server program and a simple client program to test axis - soap-rpc style method using Topcat Apache 4.1. I am getting errors while running my client program (for both methods - .jws as well as .wsdd) Here is the errors: Exception in t