10-13-2014 07:57 AM - edited 03-11-2019 09:55 PM
I have two Cisco ASA 5520 and I am not able to perform Failover because one peer have a base license and the other have a license with additional Security Contexts. I need to have a match with the Security Context and it is not a problem if I need to convert the licensed peer in a base license one.
Peer 1:
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
SSL VPN Peers : 2
Total VPN Peers : 750
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
Peer 2:
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 5
GTP/GPRS : Disabled
SSL VPN Peers : 2
Total VPN Peers : 750
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
Does enyone know how to match this security context by commands?
Solved! Go to Solution.
10-13-2014 10:06 AM
Just send the output of "show version" to licensing@cisco.com and tell them that you need a license without the security-contexts. You should get an activation-Key back that can be entered into the ASA.
Is there no way to upgrade? That would be the better solution.
10-13-2014 09:27 AM
When using an ASA version up to 8.2, the licenses have to match on both units. There are three ways to solve the problem:
10-13-2014 09:30 AM
Hello Karsten,
How do I remove the context-license from the second unit?
10-13-2014 10:06 AM
Just send the output of "show version" to licensing@cisco.com and tell them that you need a license without the security-contexts. You should get an activation-Key back that can be entered into the ASA.
Is there no way to upgrade? That would be the better solution.
10-13-2014 11:43 AM
Karsten,
Thank you. It is not an option because I have just 512MB of memory in the both devices, I need at least 2GB.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide