Hi Marvin,

That was where I thought there may be an issue. It is easy enough to set the MAC address of a VM to whatever you want though, so assuming I am careful about retaining the MAC, is it a workable setup? Or are there other settings that contribute to the license file (Processor SN, etc).

thanks...

Good question. the license key is 14 bytes. The last 12 bytes are the MAC address of the FMC eth0 interface. (Or in the case of an ASA 5506/08/16 with on-board ASDM-based FireSIGHT Management, the MAC address of the FirePOWER module itself.) See screenshot below.

The first two bytes - I'm not sure where those come from and whether changing them will invalidate a license residing on the FMC.

We'll probably have to open a TAC case to get a definitive answer on that unless you know a Sourcefire development engineer. :)

So, just as an FYI..

I did some testing in my environment here. I was able to configure a VDC in my demo cluster and get is all working (with no licensing installed). I made note of the License Key, which was the MAC address preceded by the numbers 66: as in your screenshot.

I exported it to an OVF and imported it into a standalone management host we have in our production environment. It booted up fine, but showed the License Key as different - reflecting the new MAC address of the deployed server. I powered it off and changed the MAC address in VMware, then powered it back up again and the License Key was correct again.

Like I said, this is just an FYI. Thanks again for your help.

Excellent info. Thanks for the update. Paraphrasing Ben Franklin, I always say "An ounce of data is worth a pound of conjecture." :)

So the 66: prefix seems to be common for Virtual Defense Center / FireSIGHT Management Center (for the four I just went back and checked plus yours = sample size 5 anyhow). I had a customer with a DC appliance and it also used "66". So it doesn't appear to be tied to any host-specific attributes like processor SN.

My ASA 5506 with ASDM-based FMC uses "72" as the prefix.