Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2290
Views
0
Helpful
2
Replies

Enabling VPN-3Des-AES

Go to solution
amelchiors
Level 1
Level 1

‎11-27-2012 02:35 PM

Hello!

I need to enable VPN-3DES-AES on an ASA5540.  Show version provided this info below. 

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 200

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled

VPN-3DES-AES                 : Disabled

Security Contexts            : 2

GTP/GPRS                     : Disabled

VPN Peers                    : 5000

WebVPN Peers                 : 2

AnyConnect for Mobile        : Disabled

AnyConnect for Linksys phone : Disabled

Advanced Endpoint Assessment : Disabled

UC Proxy Sessions            : 2

This platform has an ASA 5540 VPN Premium license.

After doing some poking around I came across a link to request a free license but when the email came it warned that the requested license was lower than one currently assigned to the serial number provided.  I do not have any of the old license information since this was set up years ago and was way before my time with the company.  Can anyone point me in the right direction on how to enable the feature as well as maintaining my vpn premium license features. 

Thanks,

Andrew

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Javier Portuguez
Level 9
Level 9

‎11-27-2012 11:56 PM

Hi Andrew,

As far as I  know it should not affect the existing license, since it is specifically for 3DES-AES.

HTH.

Please rate any helpful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Javier Portuguez
Level 9
Level 9

‎11-27-2012 11:56 PM

Hi Andrew,

As far as I  know it should not affect the existing license, since it is specifically for 3DES-AES.

HTH.

Please rate any helpful posts.

0 Helpful

Go to solution
amelchiors
Level 1
Level 1
In response to Javier Portuguez

‎11-28-2012 07:03 AM

Below is info from the email with the key.  It keeps referring to PIX OX6.1.  The ASA is running ASA 8.0(4).  Is this going to be a problem or are the pix references just there because this key has been needed to activate the strong encryption since the pix days?  Also is the process going to be the same for an asa?  Will I still need a reboot?  Thanks for all the help!

Platform = asa

:   

Installing Your PIX Firewall Activation Key

Note:  On systems running PIX OS 6.2 and higher, you may enter the new activation key via the activation-key command.  A reboot will be necessary to have the change take effect.  On systems running PIX OS 6.1 and earlier, a software image must be downloaded to the PIX Firewall in monitor mode in order to enter the new activation key.

Step 1.  Back up your PIX Firewall configuration.  Use the tftp-server command with the "write net" command to store your configuration on a TFTP server.  Or, use the "write terminal" command to list your configuration and then cut and paste it into a text editing application on your console.

Step 2.  Follow the directions applicable to your version and PIX Firewall model number for installing  a new software and entering a new activation key.  Refer to the PIX Firewall documentation at the following site:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/index.htm

Step 3.  If prompted to "install a new image," enter y.

Step 4.  When prompted to "enter new key," enter y.

Step 5.  When prompted, enter each of the four key values (Do not enter spaces in the key value).

Step 6.  Use the "show version" command to view the new features enabled by the key.

0 Helpful
Customers Also Viewed These Support Documents