05-21-2020 04:48 AM
Hi All,
Bit of a weird one here.
I have inherited a setup in which I have 4 ISR4221 routers with no security licenses so the ISR4221/k9 and not the ISR4221/SEC-K9
Is it still possible to set up VPNSs without the security license?
I had a goal of using these routers as OOB mgmt devices with S2S VPNs to our Fortigate VM in Azure but now i'm not sure if this is even possible with the current setup
The only options i get when using crypto for example is
(config)#crypto ?
RSA-key-pair RSA key pair
key Long term key operations
pki Public Key components
provisioning Secure Device Provisioning
wui Crypto HTTP configuration interfaces
Any input would be greatly appreciated.
Thanks
Solved! Go to Solution.
05-21-2020 06:21 AM
Hello @Dunner1991 ,
from the available options it looks like you can only use commands to make secure the management of the device for example the RSA keys are needed to be able to enable SSH but no commands available to secure / encrypt user traffic.
So you likely need the security license to enable encryption of user traffic.
You should contact your Cisco partner or reseller to get an offer for those four licenses.
Note: there may be a way to enable an evaluation license for 60 days but on the long term the licenses need to be purchased.
Hope to help
Giuseppe
05-21-2020 06:21 AM
Hello @Dunner1991 ,
from the available options it looks like you can only use commands to make secure the management of the device for example the RSA keys are needed to be able to enable SSH but no commands available to secure / encrypt user traffic.
So you likely need the security license to enable encryption of user traffic.
You should contact your Cisco partner or reseller to get an offer for those four licenses.
Note: there may be a way to enable an evaluation license for 60 days but on the long term the licenses need to be purchased.
Hope to help
Giuseppe
05-22-2020 02:37 AM
Thank you very much for the information
I had assumed VPN connectionsd were not possible from what i had read without the security license.
I will look into getting these licenses ASAP.
Thanks,
Mark
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide