Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1229
Views
0
Helpful
2
Replies

Cisco ISR4221 without security License - Is it still possible to create a VPN to a Firewall

Go to solution
Dunner1991
Level 1
Level 1

‎05-21-2020 04:48 AM

Hi All,

 

Bit of a weird one here.

 

I have inherited a setup in which I have 4 ISR4221 routers with no security licenses so the ISR4221/k9 and not the ISR4221/SEC-K9

 

Is it still possible to set up VPNSs without the security license?

 

I had a goal of using these routers as OOB mgmt devices with S2S VPNs to our Fortigate VM in Azure but now i'm not sure if this is even possible with the current setup

 

The only options i get when using crypto for example is 

 

(config)#crypto ?
RSA-key-pair RSA key pair
key Long term key operations
pki Public Key components
provisioning Secure Device Provisioning
wui Crypto HTTP configuration interfaces

 

Any input would be greatly appreciated.

 

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-21-2020 06:21 AM

Hello @Dunner1991 ,

from the available options it looks like you can only use commands to make secure the management of the device for example the RSA keys are needed to be able to enable SSH but no commands available to secure / encrypt user traffic.

So you likely need the security license to enable encryption of user traffic.

You should contact your Cisco partner or reseller to get an offer for those four licenses.

 

Note: there may be a way to enable an evaluation license for 60 days but on the long term the licenses need to be purchased.

 

Hope to help

Giuseppe

 

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-21-2020 06:21 AM

Hello @Dunner1991 ,

from the available options it looks like you can only use commands to make secure the management of the device for example the RSA keys are needed to be able to enable SSH but no commands available to secure / encrypt user traffic.

So you likely need the security license to enable encryption of user traffic.

You should contact your Cisco partner or reseller to get an offer for those four licenses.

 

Note: there may be a way to enable an evaluation license for 60 days but on the long term the licenses need to be purchased.

 

Hope to help

Giuseppe

 

 

0 Helpful

Go to solution
Dunner1991
Level 1
Level 1

‎05-22-2020 02:37 AM

HI @Giuseppe Larosa 

 

Thank you very much for the information

I had assumed VPN connectionsd were not possible from what i had read without the security license.

 

I will look into getting these licenses ASAP.

 

Thanks,

 

Mark

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card