Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2039
Views
0
Helpful
4
Replies

Firewall Cisco ASA 5505 new interface license problem

Go to solution
Shakespeare Rodas
Level 1
Level 1

‎01-14-2014 08:42 AM - edited ‎03-11-2019 08:29 PM

Hi

I have one ASA 5505 with a Base License

The problem is when i want to use a new named interface the system says "With current License maximum number of named interfaces allowed is 3. Name cannot be set for this interface"

And the question is if with this base license the interface cannot be used or only cannot be named?

here the output of my firewall:

Cisco Adaptive Security Appliance Software Version 8.2(5)

Device Manager Version 6.4(5)

Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz

Internal ATA Compact Flash, 128MB

BIOS Flash Firmware Hub @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)

                             Boot microcode   : CN1000-MC-BOOT-2.00

                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.05

0: Int: Internal-Data0/0    : address is e02f.6de6.7843, irq 11

1: Ext: Ethernet0/0         : address is e02f.6de6.783b, irq 255

2: Ext: Ethernet0/1         : address is e02f.6de6.783c, irq 255

3: Ext: Ethernet0/2         : address is e02f.6de6.783d, irq 255

4: Ext: Ethernet0/3         : address is e02f.6de6.783e, irq 255

5: Ext: Ethernet0/4         : address is e02f.6de6.783f, irq 255

6: Ext: Ethernet0/5         : address is e02f.6de6.7840, irq 255

7: Ext: Ethernet0/6         : address is e02f.6de6.7841, irq 255

8: Ext: Ethernet0/7         : address is e02f.6de6.7842, irq 255

9: Int: Internal-Data0/1    : address is 0000.0003.0002, irq 255

10: Int: Not used            : irq 255

11: Int: Not used            : irq 255

Licensed features for this platform:

Maximum Physical Interfaces    : 8        

VLANs                          : 3, DMZ Restricted

Inside Hosts                   : Unlimited

Failover                       : Disabled

VPN-DES                        : Enabled  

VPN-3DES-AES                   : Enabled  

SSL VPN Peers                  : 2        

Total VPN Peers                : 10       

Dual ISPs                      : Disabled 

VLAN Trunk Ports               : 0        

Shared License                 : Disabled

AnyConnect for Mobile          : Disabled 

AnyConnect for Cisco VPN Phone : Disabled 

AnyConnect Essentials          : Disabled 

Advanced Endpoint Assessment   : Disabled 

UC Phone Proxy Sessions        : 2        

Total UC Proxy Sessions        : 2        

Botnet Traffic Filter          : Disabled 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎01-14-2014 10:00 AM

Hi,

The ASA5505 has with Base License the limitation of 3 Vlan interface of which 1 is also limited in access (shown by the above output mentioning DMZ Restricted)

For an interface on the ASA to operate it must have a name with the command "nameif"

If you already have 3 Vlan interfaces in use then with this license you wont be able to configure 4th Vlan interface without getting a license that supports more interfaces. I guess that would be the Security Plus license.

I know that this has come as a surprise to several users that have posted here on the forums. I too think that its a needles "feature" in the ASA to limit the use of the device in such a way.

- Jouni

View solution in original post

0 Helpful

Go to solution
fongaboo_ccna
Level 1
Level 1
In response to Shakespeare Rodas

‎08-29-2016 01:14 PM

Did you ever get this upgraded? How much did it cost?

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎01-14-2014 10:00 AM

Hi,

The ASA5505 has with Base License the limitation of 3 Vlan interface of which 1 is also limited in access (shown by the above output mentioning DMZ Restricted)

For an interface on the ASA to operate it must have a name with the command "nameif"

If you already have 3 Vlan interfaces in use then with this license you wont be able to configure 4th Vlan interface without getting a license that supports more interfaces. I guess that would be the Security Plus license.

I know that this has come as a surprise to several users that have posted here on the forums. I too think that its a needles "feature" in the ASA to limit the use of the device in such a way.

- Jouni

0 Helpful

Go to solution
Shakespeare Rodas
Level 1
Level 1
In response to Jouni Forss

‎01-14-2014 10:12 AM

Hi JouniForss

Thanks for your reply, i will make an upgrade on the Firewall!!

0 Helpful

Go to solution
fongaboo_ccna
Level 1
Level 1
In response to Shakespeare Rodas

‎08-29-2016 01:14 PM

Did you ever get this upgraded? How much did it cost?

0 Helpful

Go to solution
Shakespeare Rodas
Level 1
Level 1
In response to fongaboo_ccna

‎10-11-2016 10:43 AM

Hi, the upgrade was using a cisco provider under contract, for that reason the upgrade was done without cost for the company.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card