06-23-2014 02:30 AM - edited 03-11-2019 09:21 PM
I have an ASA whereby the show ver command gives the following output:
Licensed features for this platform:
<snip>
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 750 perpetual
Total VPN Peers : 750 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
IPS Module : Enabled perpetual <<<<<<<<<<<<<<<<<<<<<
Cluster : Disabled perpetual
This leads me to believe we have all the IPS licensing that we need. However we cannot access any IPS settings from within ADSM.
In an attempt to get the correct licensing key, we attempt to go through CIsco's online process to the get key based on the PAK code. However when we do so we get the following response:
That to me looks like the license is already on the device, but from the CLI within the module we get the following:
ri-reading-ips# show version
<snip>
Cisco Intrusion Prevention System, Version 7.3(2)E4
<snip>
OS Version: 2.6.29.1
Platform: ASA5525-IPS
Serial Number: XXXXXXXXXXXX
No license present
Sensor up-time is 1 day.
Using 2914M out of 3456M bytes of available memory (84% usage)
<snip>
login: XXXXX
Password:
***NOTICE***
<snip>
***LICENSE NOTICE***
There is no license key installed on this IPS platform.
The system will continue to operate with the currently installed
signature set. A valid license must be obtained in order to apply
signature updates. Please go to http://www.cisco.com/go/license
to obtain a new license or install a license.
Am I missing a crucial step in activating the license or getting another key from Cisco to get this feature-set activated?
Any help is appreciated.
06-23-2014 02:57 AM
Hi all,
Apologies my colleague has come through for me and found another thread asking the same question.
Please see: https://supportforums.cisco.com/document/119481/does-my-ips-moudle-work-well
Quoting from Todd Pula on that thread:
"The 5500-X platform requires two different license keys. The first is the IPS feature license key which you have already installed on the ASA. This will allow you to redirect traffic to the IPS instance. As others have stated above, you will need a Cisco Services for IPS contract which will entitle you to a signature update license key for the IPS itself."
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide