Thanks

I cant seem to do show dmvpn - is this a code or license error or do i need to do anything to enable it ?

show dmvpn detail is the command you want to use if you have it configured

Regarding K9 yes you can use it in Israel we have sites there running crypto

i dony see any show dmvpn command at all - it says unrecognized - 15.5(3)S0c / isr4300-universalk9_npe.03.16.00c.S.155-3.S0c-ext.SP

Would you know in Russia and Turkey ?

Then the image unlikely supports dmvpn  , you can check exactly what features your image supports on software checker below

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

you should be fine for Turkey with Russia though from what I remember they regulate encrypted traffic through the government so its certain types of K9 software you need to use , that's definitely the way the wireless works anyway so I assume its probably the same for routers etc

i.e

Cisco Unified Wireless Network Software Release 1.9 for Cisco 5500 Series Wireless LAN Controllers with Licensed Payload Encryption.Only Recommended for Russia Where Data DTLS Payload Encryption is Regulated by the Government.  AIR-CT5500-LDPE-K9-1-9-0-0-FUS.aes

24-JAN-2014

15.21 MB

In Cart

	To Download this software, you must have a valid service contract associated to your Cisco.com profile.
	If you do not have a service contract you can get one through: Your Cisco Account Team if you have a direct purchase agreement with Cisco Your Cisco Partner or Reseller
	Once you have the service contract you must associate your service contract to your Cisco.com user ID with Profile Manager

;

	To Download this software, you must Log In with your Cisco.com user ID.

;

	To Download this software, you must Log In and have a valid service contract associated to your Cisco.com profile.
	If you do not have a service contract you can get one through: Your Cisco Account Team if you have a direct purchase agreement with Cisco Your Cisco Partner or Reseller
	Once you have the service contract you must associate your service contract to your Cisco.com user ID with Profile Manager

;

	Cisco service contract information indicates you are not authorized to download software for the following product(s):
	5508 Wireless Controller
	If you are downloading from the Cart, please remove software for the product(s) listed above to proceed with other software downloads.
	Or, if you feel this message is in error, please: Email technical support for 24x7 assistance. To expedite your request, please include the following information: User ID (Cisco.com ID used to download software) Contact Name Company Name Contract Number Product ID Desired Software Release or File Name Please include a screen shot of this page Contact your Cisco representative, Partner or Reseller to ensure product(s) listed above are covered on a service contract that is associated to your Cisco.com profile. The Partner Locator link may assist in locating your nearest partner. You can add the service contracts for these products to your profile using the Cisco Profile Manager, or have your service administrator do this for you.

Related Information

Dashboard Information Sources

Select different information sources for access to relevant troubleshooting information.

Information Sources
Release Notes Security Advisories, Responses & Notices Documentation Support Community Command References Field Notices

Items per Page:   10 25 50 100 200 300 400 500   < Previous     Next >  Items per Page:   10 25 50 100 200 300 400 500   < Previous     Next  >

Related Information Release Notes Security Advisories, Responses & Notices Documentation Command References Field Notices

Producer ngw

Details

Description:	Cisco Unified Wireless Network Software Release 1.9 for Cisco 5500 Series Wireless LAN Controllers with Licensed Payload Encryption.Only Recommended for Russia Where Data DTLS Payload Encryption is Regulated by the Government.
Release:	1.9.0.0
Release Date:	24/Jan/2014
File Name:	AIR-CT5500-LDPE-K9-1-9-0-0-FUS.aes
Size:	15.21 MB (15946452 bytes)
MD5 Checksum:	856f7f4e0b4ba057ab8dae1f30dfc5ea
SHA512 Checksum:	cc73c6cb5dc7d64dfd371b4d869f0309...
Release Notes for 1.9.0.0 | Security Advisory

would you know for ISR 4300 series also ? 

The laws in China and Russia state that if you have cryptographic equipment in their country by right they can have access to your systems or request your keys in terms of national security theres nothing you can do , the U.S are exactly the same only the issue with China and Russia is there likely state sponsored hacking

So no matter what you put in there country's by law they can have full access no matter what so you find a lot of companies based in these countries do not share intellectuals property through there connections , China you cant even export out of unless you have a presence in the country so we use VDI so our information is not shared across there networks at all but we can still have offices there

I don't have any sites in Russia but its the same as China and there are no real definite restrictions to what cant be used but even if you don't follow them and do have a standard K9 in there as LDPE may not be available for your platform , if they want access to it and its based on there soil they can get it.

If your doing things by the book you may need an export license first

http://www.cisco.com/web/about/doing_business/legal/global_export_trade/general_export/contract_compliance.html

This where your not allowed definite to have Cisco K9

Cisco solutions and products containing 64-bit or less encryption may be delivered to most end users worldwide, except to entities or end users in the following countries: Cuba, Iran, North Korea, Sudan, and Syria.

If this has answered your query's please rate the post as it makes it easier to find the answer when other users search for same problem