Hi,
I need some help with a firewall that is in production. It's a pair of Cisco 5525 running in active/active, which has the base features installed along with a VPN Premium licence. The issue is the firewall only does ssh1 and not sshv2 because it only supports VPN-DES and not VPN-3DES-AES. I've followed the Cisco procedure and downloaded the "Optional license: Strong (3DES/AES)" licence.
The concern I have is if I apply the optional licence it could overwrite any existing licences I have on the firewall, I have been googling this and all I can find is "You can mix and match licenses, for example, the 10 security context license plus the Strong Encryption license; or the 500 Clientless SSL VPN license plus the GTP/GPRS license; or all four licenses together." but no solid confirmation its ok to apply the licence without concern.
Is there any cisco documents which provide the answer?
ref:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/intro_license.html#wp2162912