WebVPN, AnyConnect, Clientless VPN, etc



trueccnp
01-15-2010, 07:37 PM
I was going to tack this on to my last post but I thought it might deserve its own....

I've been selling and configuring ASAs for quite a while now and I have to say I'm a little embarrassed to admit I'm still not 100% clear on the SSL VPN licensing and usage. Here is what I thought initially. There were two different pieces of the SSL VPN: the clientless (which I thought was called WebVPN) and the client VPN (which was called AnyConnect). I was under the assumption that you could have a set number (not sure what the number was) of WebVPN connections and then 2 AnyConnect full-blown VPN connections. After looking through a show ver and the licensing tab in the ASDM, I'm confused.

The ASDM lists license counts for "Clientless SSL VPN Peers" and then VPN tunnel counts for "Clientless SSL VPN" and "SSL VPN Client". The show ver lists a license count for "WebVPN Peers". Is Cisco just using different terms for the same thing?

I'm working through making sure I get the proper licensing for larger clients now and I want to make sure that I'm getting AnyConnect licensing and not just the SSL WebVPN that doesn't actually use an AnyConnect client.

Can someone help me with the distinctions and what is actually what?

KYLmohommad
01-15-2010, 07:37 PM
Generally you can sort it out like this:

WebVPN: Accessing internal network resources via a web browser. The host points their browser to the URL, the ASA handles the rest. No client is downloaded and installed on the machine, and all application access must be configured on the ASA. Pretty user-friendly, but lacking power as a VPN solution.

SSL VPN: A connection that doesn't require a WebVPN connection. A client is downloaded to the host which establishes a tunnel to the ASA.

To make things slightly more strange, when an SSL VPN connection is established via pointing your browser to the URL, both a WebVPN session and an SSL VPN session are created in sequence even though you're not actually accessing network services via the browser. The WebVPN session will time out shortly after the browser is closed (even if the SSL VPN connection is still active).

As for licensing, I can't help much with that... I'd bet Cisco is just using a multitude of terms for similar things.

trueccnp
01-15-2010, 07:38 PM
So how is WebVPN licensed? Do you get just as many of those as you do AnyConnect connections? A previous poster on my other post mentioned that if you use AnyConnect, WebVPN is disabled. I'm assuming he means that once you log in to WebVPN and select the AnyConnect icon to launch the client, it's disabled?

So the AnyConnect Essentials really launches that number up to 250, huh? I wonder why they set it at 2 to start with? AnyConnect is a great solution going forward, and with 250 users for less than $150, that's a great deal.