07-15-2021 02:28 PM
Hi
I have a firepower management center with an evaluation licence.i have two ASA with no licence.i have creeate an ips policy but every time i want to deploy it i have that error.i wonder if the ASA really need a licence if i want to deploy ips policy.
07-15-2021 05:51 PM
Hi, not sure if you're using a FirePower module on a 5525 ASA or have re-imaged your 5525 to use the FTD image.
If you want to apply any policy from the FMC you will need to purchase the appropriate licenses from Cisco. Here's a list of those licenses :-
L-ASA5525-TA=
Cisco ASA5525 FirePOWER IPS License
L-ASA5525-TAC=
Cisco ASA5525 FirePOWER IPS and URL Licenses
L-ASA5525-TAM=
Cisco ASA5525 FirePOWER IPS and AMP Licenses
L-ASA5525-TAMC=
Cisco ASA5525 FirePOWER IPS, AMP and URL Licenses
L-ASA5525T-T=
Cisco ASA5525 Threat Defense Threat Protection License
L-ASA5525T-TM=
Cisco ASA5525 Threat Defense Threat and Malware License
L-ASA5525T-TC=
Cisco ASA5525 Threat Defense Threat and URL License
L-ASA5525T-TMC=
Cisco ASA5525 Threat Defense Threat, Malware and URL License
The minimum license you need is the L-ASA5525-TA= (ASA5525 FirePOWER IPS License) or the L-ASA5525T-T= (ASA5525 Threat Defense Threat Protection License), dependent on what image you have on the 5525.
07-15-2021 07:43 PM
The no cost Protect+Control license is required to manage (and deploy any policy to) an ASA Firepower service module. that's in addition to the IPS subscription or File (Malware) and URL Filtering licenses mentioned by @rhuysmans
The Protect+Control license is normally provided if the ASA was purchased with the Firepower service module (or an upgrade kit was purchased).
I don't believe new ones can be ordered (even at no cost) since the product is now past end-of-sales.
07-19-2021 01:13 AM
ok thanks very much
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide