74-2
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Licensing Requirements
Clientless SSL VPN lets users establish a secure, remote-access VPN tunnel to an ASA using a web
browser. Users do not need a software or hardware client.
Clientless SSL VPN provides secure and easy access to a broad range of web resources and both
web-enabled and legacy applications from almost any computer that can reach HTTP Internet sites. They
include:
Internal websites
Web-enabled applications
NT/Active Directory file shares
E-mail proxies, including POP3S, IMAP4S, and SMTPS
Microsoft Outlook Web Access Exchange Server 2000, 2003, and 2007
Microsoft Web App to Exchange Server 2010 in 8.4(2) and later.
Application Access (that is, smart tunnel or port forwarding access to other TCP-based applications)
Clientless SSL VPN uses Secure Sockets Layer Protocol and its successor, Transport Layer Security
(SSL/TLS1) to provide the secure connection between remote users and specific, supported internal
resources that you configure at a central site. The ASA recognizes connections that need to be proxied,
and the HTTP server interacts with the authentication subsystem to authenticate users.
The network administrator provides access to resources by users of clientless SSL VPN sessions on a
group basis. Users have no direct access to resources on the internal network.
Licensing Requirements
The following table shows the licensing requirements for this feature:
Note This feature is not available on No Payload Encryption models.
Model License Requirement1,2
ASA 5505 AnyConnect Premium license:
Base License or Security Plus license: 2 sessions.
Optional permanent or time-based licenses: 10 or 25 sessions.
Shared licenses are not supported.3
ASA 5510 AnyConnect Premium license:
Base and Security Plus License: 2 sessions.
Optional permanent or time-based licenses: 10, 25, 50, 100, or 250 sessions.
Optional Shared licenses3: Participant or Server. For the Server license, 500-50,000 in increments
of 500 and 50,000-545,000 in increments of 1000.
ASA 5520 AnyConnect Premium license:
Base License: 2 sessions.
Optional permanent or time-based licenses: 10, 25, 50, 100, 250, 500, or 750 sessions.
Optional Shared licenses3: Participant or Server. For the Server license, 500-50,000 in increments
of 500 and 50,000-545,000 in increments of 1000.