12-16-2008 06:48 AM - edited 03-11-2019 07:26 AM
OK im new and will be asking lots of questions, im a checkpoint guy but we are switching to cisc ASA :) so going to take me a min to get used to.... but we have a brand new out of box 5510, which has 5 interfaces plus the management interface so 6 total , but in CLI and ASDM i only see 4 total including the management Interface why is this???
12-16-2008 08:33 AM
This is purely due to licensing. The default license only includes 3 interfaces and the management interface.
12-16-2008 08:35 AM
Ahhh ok make perfect sense thank you
12-16-2008 11:00 AM
If you need more interfaces in the future, you can buy a license upgrade to the plus license which enables you to the 5 interfaces (the first two becoming gigabit ethernet) and more vlan support.
Also active/passive and active/active failover becomes available with that license upgrade.
So, if need comes for more physical interfaces, you don't need to replace the box..
12-16-2008 11:03 AM
ohh you knwo im sure we got the active/passive stuff but like i said first time im done ASA if i purchase a device are the license online or they already installed?
12-16-2008 12:53 PM
If you issue the command
on the asa, it shows you the license.
You can buy the license upgrade from a cisco partner. You will then receive a document with a product activation key (PAK) and a url. You just go to that url, enter the serial number of the ASA and the PAK and you'll receive a new authentication key (4 or 6 groups of hexadecimal numbers) which you can then enter in the asa to get the plus license.
The plus license is already installed in the
ASA5510-SEC-BUN-K9, but the ASA5510-BUN-K9 is just the base license. The license partnr is ASA5510-SEC-PL=
12-18-2008 05:59 AM
ok well the issue was i was putting in two paks cause it sorta ask for all you have. But i tried just one with one s/n and it worked thanks.
But all interfaces show except for one and im wondering if its the IPS module, as im not familiar. But if your looking at the back of the ASA its by it self to the left. then in middle there is management port then to right there the 4 int's. So does this port not show up in ASDM under Interfaces? or is this a version issue? I notice when i try to go to IPS in ASDM it says:
ASDM will make a new connection to the IPS software running on the ssm module in this ASA system. etc etc etc
Then it gives me two choices
1)Management Ip address 192.168.1.2
2) Other ip or host
not sure whats its looking for here
12-16-2008 10:23 PM
All you need to do is upgrade your ASA 5510 to 7.2.x (or later). Starting with 7.2.x Cisco removed the 3+1 interface restriction on the 5510 Base License. Now you can use all five interfaces without any restriction.
Please rate if helpful.
12-18-2008 07:48 AM
OK im at 8.0(4) and still only show eth0/0 - eth0/3 and the management port, the other port isn't showing up?? we did get the IPS is that the IPS port?
12-18-2008 08:25 AM
OK duh it says it right on it ASA5510 ssm-10
12-19-2008 09:21 PM
Five interfaces means 4 Regular Interface (Fast Ethernet) + 1 Management Interface. You can remove the 'management-only' command from the management interface and use it like any other interface.
Furthermore, with latest ASA code you can use the first two interfaces of the ASA 5510 as Gigabit Eth. interfaces, all you need to do is put the appropriate 'speed' command under eth0 and eth 1.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: