Hi there !
Could anybody please put some light on the ASA license model? For a PIX, there were interface and user-based licenses. The ASAs also have VPN licenses but I'm pretty unsure how that works ...
Concerning interfaces, thngs are clear. In my understanding, "users" in fact mean hosts (actually different IP addresses) on the inside LAN. But how areeeee they counted? Is it addresses seen since the last reboot, ever seen since first power-on (peristently saved somewhere), simultaneous active connections through the device, or something completely different?
And what about VPN? 10 IPsec and 10 SSL connections are always built-in. Are they counted like above? Upgrade licenses only talk about additional SSL users - do they also lift up IPsec users or is IPsec always unlimited?
And am I right that a "restricted DMZ" only allows connections from and to _one_ other interface?
TIA
fw