Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2226
Views
0
Helpful
4
Replies

Licensing issue with ASA5505

jmange
Level 1
Level 1

‎02-24-2011 02:01 AM - edited ‎03-11-2019 12:56 PM

Hello all,

I have an issue with my ASA5505 in Security Plus license, as you can see below I still have a vlan limitation number as if my ASA still have Base License. Does anyone has ever seen this behavior ? Any idea to fix this problem ?

I already requested new Security Plus licenses but I still have this issue with it ...

Thanks for your help !


Cisco Adaptive Security Appliance Software Version 8.4(1)
Device Manager Version 6.4(1)

Compiled on Mon 31-Jan-11 02:11 by builders
System image file is "disk0:/asa841-k8.bin"
Config file at boot was "startup-config"

ASA-POD3 up 1 min 22 secs

Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
                             Boot microcode        : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode     : CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.06
                             Number of accelerators: 1

The Running Activation Key feature: 26 UC Proxy sessions exceed the limit on the                 platform, reduced to 24 UC Proxy sessions.

Licensed features for this platform:
Maximum Physical Interfaces       : 8              perpetual
VLANs                             : 3              DMZ Unrestricted
Dual ISPs                         : Enabled        perpetual
VLAN Trunk Ports                  : 8              perpetual
Inside Hosts                      : Unlimited      364 days
Failover                          : Active/Standby 364 days
VPN-DES                           : Enabled        perpetual
VPN-3DES-AES                      : Enabled        364 days
AnyConnect Premium Peers          : 10             364 days
AnyConnect Essentials             : 25             364 days
Other VPN Peers                   : 10             perpetual
Total VPN Peers                   : 25             perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Enabled        364 days
AnyConnect for Cisco VPN Phone    : Enabled        364 days
Advanced Endpoint Assessment      : Enabled        364 days
UC Phone Proxy Sessions           : 24             364 days
Total UC Proxy Sessions           : 24             364 days
Botnet Traffic Filter             : Enabled        364 days
Intercompany Media Engine         : Disabled       perpetual

This platform has an ASA 5505 Security Plus license.

Serial Number: JMX-------
Running Permanent Activation Key: 0x------ 0x------ 0x------- 0x------- 0x------

Running Timebased Activation Key: 0x------ 0x------ 0x------- 0x------- 0x------

Configuration register is 0x1
Configuration has not been modified since last system restart.

Labels:
0 Helpful
4 Replies 4

Jennifer Halim
Cisco Employee
Cisco Employee

‎02-24-2011 02:43 AM

Have you made any changes to the activation key lately?

Can you please reload the ASA and see if you are having the same VLAN interfaces?

Also, can you share the output of "show activation-key" after the reload?

0 Helpful

jmange
Level 1
Level 1
In response to Jennifer Halim

‎02-24-2011 03:03 AM

Thanks for your answer.

Have you made any changes to the activation key lately?

Hard to say, this ASA is in a LAB. I saw in ASDM 3 different License Activation Key (of course only one is active).

Can you please reload the ASA and see if you are having the same VLAN interfaces?

I already did this, and again I have the same number of vlans ... That's realy weird, and in fact I have 7 others ASA and 3 of them have this issue. For the other ones it's working well and I have all the options attached to the Security Plus licenses.

Do you think I need to reset completely these ASA ? I don't know if a hard-reset or something like that exist. This way, maybe all the old licenses will be flush and I could start from scratch.

Also, can you share the output of "show activation-key" after the reload?

ASA-POD3# sh activation-key
Serial Number:  JMX1344407R
Running Permanent Activation Key: 0x------ 0x------ 0x------ 0x------ 0x------ 0x------
Running Timebased Activation Key: 0x'''''' 0x'''''' 0x'''''' 0x'''''' 0x'''''' 0x''''''
The Running Activation Key feature: 26 UC Proxy sessions exceed the limit on the platform, reduced to 24 UC Proxy sessions.

Licensed features for this platform:
Maximum Physical Interfaces       : 8              perpetual
VLANs                             : 3              DMZ Unrestricted
Dual ISPs                         : Enabled        perpetual
VLAN Trunk Ports                  : 8              perpetual
Inside Hosts                      : Unlimited      364 days
Failover                          : Active/Standby 364 days
VPN-DES                           : Enabled        perpetual
VPN-3DES-AES                      : Enabled        364 days
AnyConnect Premium Peers          : 10             364 days
AnyConnect Essentials             : 25             364 days
Other VPN Peers                   : 10             perpetual
Total VPN Peers                   : 25             perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Enabled        364 days
AnyConnect for Cisco VPN Phone    : Enabled        364 days
Advanced Endpoint Assessment      : Enabled        364 days
UC Phone Proxy Sessions           : 24             364 days
Total UC Proxy Sessions           : 24             364 days
Botnet Traffic Filter             : Enabled        364 days
Intercompany Media Engine         : Disabled       perpetual

This platform has an ASA 5505 Security Plus license.

The flash permanent activation key is the SAME as the running permanent key.

Active Timebased Activation Key:
0x'''''' 0x'''''' 0x'''''' 0x'''''' 0x'''''' 0x''''''
Inside Hosts                    : 5000       364 days

Failover                        : Enabled    364 days

VPN-3DES-AES                    : Enabled    364 days

AnyConnect Premium Peers        : 10         364 days

Advanced Endpoint Assessment    : Enabled    364 days

AnyConnect for Mobile           : Enabled    364 days

AnyConnect for Cisco VPN Phone  : Enabled    364 days

Total UC Proxy Sessions         : 24         364 days

AnyConnect Essentials           : 1          364 days

Botnet Traffic Filter           : Enabled    364 days

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to jmange

‎02-24-2011 07:10 PM

I would suggest that you open a case with TAC to get the ASA licensing issue further investigated.

0 Helpful

jmange
Level 1
Level 1
In response to Jennifer Halim

‎02-24-2011 11:52 PM

It was just a try to see if someone else ever had this kind of problem.

Thanks for your time.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card