Re: Licence Cisco ASA 5516X

490471322 · ‎04-16-2021

Hello

We have a vendor asking us to renew a Cisco Asa 5516X license So in the Asa we were given that the license is for life.

can someone explain me please

Marvin Rhoads · ‎04-16-2021

Please provide more details.

They might be referring to licenses for the Firepower service module that could be running on your ASA 5516-X. The only other thing I can think of that is time-based license is some type of AnyConnect licenses for remote access VPN.

490471322 · ‎04-19-2021

Sorry for not giving more details,
But we say that it is for the Firepower service while the latter we do not
use it at all and it has been installed for 2 years

johnlloyd_13 · ‎04-16-2021

hi,

just to add, check your ASA license using the 'show version' and 'show activation-key detail' commands.

490471322 · ‎04-19-2021

for the show activation-key detail command, please find the result below

Running Permanent Activation Key: 0x470dc350 0xe0b6063a 0xd8a0596c
0xaa68cca4 0x89130191

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 300 perpetual
Total VPN Peers : 300 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 1000 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Enabled perpetual
Cluster Members : 2 perpetual
VPN Load Balancing : Enabled perpetual

Failover cluster licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 4 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 8 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 300 perpetual
Total VPN Peers : 300 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 1000 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Enabled perpetual
VPN Load Balancing : Enabled perpetual

The Running Activation Key feature: 2000 TLS Proxy sessions exceed the
limit on the platform, reduced to 1000 TLS Proxy sessions.

Running Permanent Activation Key: 0x470dc350 0xe0b6063a 0xd8a0596c
0xaa68cca4 0x89130191

Licensed permanent key features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 300 perpetual
Total VPN Peers : 300 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 1000 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Enabled perpetual
Cluster Members : 2 perpetual
VPN Load Balancing : Enabled perpetual

The flash permanent activation key is the SAME as the running permanent key.

Marvin Rhoads · ‎04-19-2021

Based on your show command output, the ASA 5516-X dos not have any time-based license and thus does not require any renewal license. As you mentioned you are not using the Firepower service module either so there's no license there to be concerned about.

So your vendor appears to be quoting you incorrect information.