Cisco Community
English
Register
Welcome Cisco Designated VIP 2021 Class in the 10th Year Anniversary of the Program -- CHECK THE LIST
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1944
Views
5
Helpful
6
Replies
Highlighted
jmprats
Participant
Participant
‎01-10-2011 01:55 AM
‎01-10-2011 01:55 AM

Botnet Traffic filter temporary license on failover units


Hi, I want to evaluate Botnet Traffic Filter on ASA. I have two units with Failover Active / Standby, I have received one temporary license for the Active unit.

Do I need another temporary license for the standby pair for evaluating?

I read in the Configuration Guide “Because the temporary license continues to count down for as long as it is activated on a failover unit, we do not recommend using a temporary license in a permanent failover installation; when the temporary license expires, failover will no longer work”

What does it means? It sounds very dangerous

Can I apply my temporary license to the active unit or not?

Thanks

Labels:
0 Helpful
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Panos Kampanakis
Cisco Employee
Cisco Employee
In response to jmprats
‎01-10-2011 04:49 AM
‎01-10-2011 04:49 AM 

You can't delete a license, you can only overwrite it.  So, make sure you keep the current permanent key that you have and when done just reapply it.

Rgs,

PK

View solution in original post

0 Helpful
Reply
6 REPLIES 6
Highlighted
Panos Kampanakis
Cisco Employee
Cisco Employee
‎01-10-2011 03:23 AM
‎01-10-2011 03:23 AM

You canNOT apply the licence JUST to the active unit. The failover units need to have the same licence in order for failover to be enabled.

For botnet testing I would suggest taking the secondary unit off line, apply the licence and test on the primary and when you are done clear the key and re-enable failover.

I hope it helps.

PK

Reply
Highlighted
jmprats
Participant
Participant
In response to Panos Kampanakis
‎01-10-2011 04:06 AM
‎01-10-2011 04:06 AM

Thank you very much, but how I clear the key before it expires?

Thanks

0 Helpful
Reply
Highlighted
Panos Kampanakis
Cisco Employee
Cisco Employee
In response to jmprats
‎01-10-2011 04:49 AM
‎01-10-2011 04:49 AM 

You can't delete a license, you can only overwrite it.  So, make sure you keep the current permanent key that you have and when done just reapply it.

Rgs,

PK

View solution in original post

0 Helpful
Reply
Highlighted
jmprats
Participant
Participant
In response to Panos Kampanakis
‎02-02-2011 03:32 AM
‎02-02-2011 03:32 AM

OK, I have evaluated the Botnet Traffic Filter, and if now I want to buy the license and put into production, do I need to pay an anual license for the standby unit that it never get active?

Thanks

0 Helpful
Reply
Highlighted
santiago.jem
Beginner
Beginner
In response to jmprats
‎02-05-2014 03:40 PM
‎02-05-2014 03:40 PM

Hi JMPrats,

I have similar setup too. May I ask how did you go about doing this on a fail-over set-up?

Did you alsopaid for the botnet filter for the standby device?

Hope to hear from you soon.

Thank you.

Regards,

Novice

0 Helpful
Reply
Highlighted
jmprats
Participant
Participant
In response to santiago.jem
‎02-06-2014 12:30 AM
‎02-06-2014 12:30 AM

Hi, I only need one license

In Version 8.3(1) and later, failover units do not require the same license on each unit.

http://www.cisco.com/en/US/docs/security/asa/asa83/license_standalone/license_management/license.html#wp1455081

Failover License Requirements

Failover units do not require the same license on each unit.

Older versions of adaptive security appliance software required that the licenses match on each unit. Starting with Version 8.3(1), you no longer need to install identical licenses. Typically, you buy a license only for the primary unit; for Active/Standby failover, the secondary unit inherits the primary license when it becomes active. If you have licenses on both units, they combine into a single running failover cluster license.

0 Helpful
Reply
Latest Contents
Cisco FTD 6.6 AnyConnect client with machine certificate, AD...
Created by fthiel92 on 01-27-2021 10:24 PM
0
10
0
10
Purpose of this article is to share our remote-working experience where we were able to successfully setup an AnyConnect VPN configuration for remote worker using corporate laptop authenticated via machine certificate, Active Directory login and password ... view more
SecureX and the Evolution of Security Orchestration Automati...
Created by ciscomoderator on 01-27-2021 08:00 PM
0
0
0
0
Meet the Authors Event - SecureX and the Evolution of Security Orchestration Automation and Response (Live event – Wednesday, 20th, 2021 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris) This event had place on Wednesday 20th, January 202... view more
New Capabilities to Protect Your Users with Cisco Secure Ema...
Created by ciscomoderator on 01-27-2021 06:03 PM
0
0
0
0
Cisco Email Security solutions This forum is a chance to clarify all your questions related to Email Security! This event is a chance to review how customers of all sizes face the same daunting challenge: email is simultaneously the most important busine... view more
SecureX and the Evolution of Security Orchestration Automati...
Created by ciscomoderator on 01-27-2021 05:33 PM
0
0
0
0
This event had place on Wednesday 20th, Janaury at 9:30 hrs PDT Introduction In this session, Cisco Press authors discuss the evolution of Security Orchestration Automation and Response (SOAR). And how cybersecurity professionals have traditionally trie... view more
AMP for Endpoints: Get started with SecureX Orchestration!
Created by deaguo on 01-23-2021 11:27 PM
0
10
0
10
What is SecureX? Cisco SecureX is included with all Secure Endpoint (formerly AMP for Endpoints) subscriptions. SecureX is a cloud-native platform that aggregates capabilities across your security environment. It’s designed to simplify your environment, ... view more
Content for Community-Ad