Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
330
Views
1
Helpful
2
Replies

License Help For ASA5510

Go to solution
slimgin
Level 1
Level 1

‎07-11-2025 07:20 AM

Hello All,

Longtime user of Cisco Community support and usually always find what I am looking for in here.

I acquired an ASA5510 from a friend who was recycling old hardware in server cabinets and he asked me if I wanted this device, along with a few others, for my home lab. I believe this device was never licensed, or used for that matter, as the 'Running Permanent Activation Key' is all zeros. Specifically, I am looking for a license to enable the 'Encryption-3DES-AES' feature, which correlates to allowing SSH version 2 traffic, as well as higher encryption usage for ASDM. I do not know if this is true, but Google's AI feature indicates the following: 'The 3DES/AES encryption feature is usually bundled with the Security Plus license or can be obtained as a separate, free license.' If this is true, how do I go about requesting a free license for this feature?

See below for the output of 'sh activation-key' and 'sh ver'

sh activation-key
Serial Number:  JMX1635X01P
Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
The Running Activation Key is not valid, using default settings:

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 50             perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Disabled       perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Disabled       perpetual
Security Contexts                 : 0              perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 250            perpetual
Total VPN Peers                   : 250            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions           : 2              perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
Intercompany Media Engine         : Disabled       perpetual
Cluster                           : Disabled       perpetual

This platform has a Base license.

Failed to retrieve flash permanent activation key.
The flash permanent activation key is the SAME as the running permanent key.
sh ver

Cisco Adaptive Security Appliance Software Version 9.1(7)23
Device Manager Version 7.5(2)153

Compiled on Thu 01-Feb-18 23:08 by builders
System image file is "disk0:/asa917-23-k8.bin"
Config file at boot was "startup-config"

ciscoasa up 2 days 20 hours

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1599 MHz,
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0)
                             Boot microcode        : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode     : CNlite-MC-SSLm-PLUS-2.08
                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.09
                             Number of accelerators: 1

 0: Ext: Ethernet0/0         : address is a493.4ca3.b3ca, irq 9
 1: Ext: Ethernet0/1         : address is a493.4ca3.b3cb, irq 9
 2: Ext: Ethernet0/2         : address is a493.4ca3.b3cc, irq 9
 3: Ext: Ethernet0/3         : address is a493.4ca3.b3cd, irq 9
 4: Ext: Management0/0       : address is a493.4ca3.b3ce, irq 11
 5: Int: Not used            : irq 11
 6: Int: Not used            : irq 5
The Running Activation Key is not valid, using default settings:

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 50             perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Disabled       perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Disabled       perpetual
Security Contexts                 : 0              perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 250            perpetual
Total VPN Peers                   : 250            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions           : 2              perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
Intercompany Media Engine         : Disabled       perpetual
Cluster                           : Disabled       perpetual

This platform has a Base license.

Serial Number: JMX1635X01P
Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
Configuration register is 0x1
Configuration last modified by enable_15 at 20:05:54.464 UTC Fri Jan 3 2003

Thank you in advance for your help and I hope you have a great day!

-Gil Nims

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-11-2025 09:42 AM

You need to have access to a Smart Account to get the free 3DES/AES license.

If you do, log into software.cisco.com at https://software.cisco.com/software/swift/lrp/#/pak and then click on "Get Licenses > IPS, Crypto or Other" and  request the license as shown below:

MarvinRhoads_0-1752252019171.png

 

View solution in original post

2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-11-2025 09:42 AM

You need to have access to a Smart Account to get the free 3DES/AES license.

If you do, log into software.cisco.com at https://software.cisco.com/software/swift/lrp/#/pak and then click on "Get Licenses > IPS, Crypto or Other" and  request the license as shown below:

MarvinRhoads_0-1752252019171.png

 

Go to solution
slimgin
Level 1
Level 1

‎07-11-2025 09:46 AM

Here is the process for requesting a free activation-key for an ASA5500, which provides the 'Encryption-3DES-AES' license feature. Not sure how many people had the same problem as me, but see below for the process.

 

1) Open a browser window in incognito mode and go to 'software.cisco.com'. Login with your CCO credentials.

2) When the page refreshes, under Traditional Licenses, select "Access LRP".

3) Within LRP, chose 'Get Licenses' -> 'IPS, Crypto, other', and complete the required information.

4) You might be prompted to view and accept the high encryption acknowledgement prior to submitting your request.

 

The key thing for me was logging into the software page in incognito mode.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card