We recently deployed an ASAv in AWS and just applied the smart licensing. While the licensing was successful, we are showing Out of compliance. I'm trying to figure out exactly why we are out of compliance, but I don't see anything that gives me that info.
ciscoasa# show license features
Serial Number: 9ARQQNLTL2W
Export Compliant: YES
License mode: Smart Licensing
ASAv Platform License State: Licensed
Active entitlement: ASAv-STD-1G, enforce mode: Out of compliance
Licensed for maximum of 2 vCPUs
Licensed features for this platform:
Maximum Physical Interfaces : 10
Maximum VLANs : 50
Inside Hosts : Unlimited
Failover : Active/Standby
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 0
Carrier : Enabled
AnyConnect Premium Peers : 250
AnyConnect Essentials : Disabled
Other VPN Peers : 250
Total VPN Peers : 250
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total UC Proxy Sessions : 500
Botnet Traffic Filter : Enabled
Cluster : Disabled
----------------------------------------------------------------------------------------------
Of the reasons listed below, I believe this must be related to the ASAv using unavailable licenses. Just can't figure out which one.
Out-of-Compliance State
The ASAv can become out of compliance in the following situations:
- Over-utilization—When the ASAv uses unavailable licenses.
- License expiration—When a time-based license expires.
- Lack of communication—When the ASAv cannot reach the Licensing Authority for re-authorization.
After 90 days of reauthorization attempts, the ASAv will be severely rate-limited until you are able to successfully reauthorize.