Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
753
Views
0
Helpful
2
Replies

removing AnyConnect for Mobile license from standby ASA

Go to solution
ajamua
Level 1
Level 1

‎02-17-2014 10:18 AM - edited ‎02-21-2020 07:30 PM

I recently purchased 2 AnyConnect for Mobile license from a pair of ASA 5510 firewalls. The firewalls are configured in active/standby mode. I installed a license on both firewalls. I was told that I only need one license installed on the active firewall and that the license transfers over during failover. Is this true? If so how can I recover the license I installed on the stanby unit so that I can install it on another pair of firewalls, in another location, that I use for remote VPN access. Please help. Thanks.


bwASA01# sh ver                                          

Cisco Adaptive Security Appliance Software Version 8.3(2)34

Device Manager Version 6.4(9)

Compiled on Wed 26-Sep-12 10:58 by builders

System image file is "disk1:/asa832-34-k8.bin"

Config file at boot was "startup-config"

bwASA01 up 1 year 63 days

failover cluster up 1 year 64 days

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1599 MHz

Internal ATA Compact Flash, 256MB

Slot 1: ATA Compact Flash, 128MB

BIOS Flash M50FW080 @ 0xfff00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

                             Boot microcode   : CN1000-MC-BOOT-2.00

                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.06

0: Ext: Ethernet0/0         : address is 001d.a259.4560, irq 9

1: Ext: Ethernet0/1         : address is 001d.a259.4561, irq 9

2: Ext: Ethernet0/2         : address is 001d.a259.4562, irq 9

3: Ext: Ethernet0/3         : address is 001d.a259.4563, irq 9

4: Ext: Management0/0       : address is 001d.a259.4564, irq 11

5: Int: Not used            : irq 11

6: Int: Not used            : irq 5

Licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual

Maximum VLANs                  : 100            perpetual

Inside Hosts                   : Unlimited      perpetual

Failover                       : Active/Active  perpetual

VPN-DES                        : Enabled        perpetual

VPN-3DES-AES                   : Enabled        perpetual

Security Contexts              : 2              perpetual

GTP/GPRS                       : Disabled       perpetual

SSL VPN Peers                  : 100            perpetual

Total VPN Peers                : 250            perpetual

Shared License                 : Disabled       perpetual

AnyConnect for Mobile          : Enabled        perpetual

AnyConnect for Cisco VPN Phone : Disabled       perpetual

AnyConnect Essentials          : Disabled       perpetual

Advanced Endpoint Assessment   : Disabled       perpetual

UC Phone Proxy Sessions        : 2              perpetual

Total UC Proxy Sessions        : 2              perpetual

Botnet Traffic Filter          : Disabled       perpetual

Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5510 Security Plus license.

Failover cluster licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual

Maximum VLANs                  : 100            perpetual

Inside Hosts                   : Unlimited      perpetual

Failover                       : Active/Active  perpetual

VPN-DES                        : Enabled        perpetual

VPN-3DES-AES                   : Enabled        perpetual

Security Contexts              : 4              perpetual

GTP/GPRS                       : Disabled       perpetual

SSL VPN Peers                  : 200            perpetual

Total VPN Peers                : 250            perpetual

Shared License                 : Disabled       perpetual

AnyConnect for Mobile          : Enabled        perpetual

AnyConnect for Cisco VPN Phone : Disabled       perpetual

AnyConnect Essentials          : Disabled       perpetual

Advanced Endpoint Assessment   : Disabled       perpetual

UC Phone Proxy Sessions        : 4              perpetual

Total UC Proxy Sessions        : 4              perpetual

Botnet Traffic Filter          : Disabled       perpetual

Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5510 Security Plus license.

Serial Number: JMX1201L1AK

Running Permanent Activation Key: x x x x x

Configuration register is 0x1

Configuration last modified by aabraham at 23:02:50.378 EST Wed Feb 12 2014

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jj27
Spotlight
Spotlight

‎02-17-2014 11:44 AM

With version 8.3(1) the ASA introduced the concept of a shared license between failover appliances.  I see you are running 8.3 already so this is true for your scenario.

There is no way to remove the license from the ASA manually, but you can open a case with Cisco licensing and ask them to re-host the AnyConnect Mobile license to a new serial number.  You will need the serial number of the ASA you want to transfer it from.

Thanks.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
jj27
Spotlight
Spotlight

‎02-17-2014 11:44 AM

With version 8.3(1) the ASA introduced the concept of a shared license between failover appliances.  I see you are running 8.3 already so this is true for your scenario.

There is no way to remove the license from the ASA manually, but you can open a case with Cisco licensing and ask them to re-host the AnyConnect Mobile license to a new serial number.  You will need the serial number of the ASA you want to transfer it from.

Thanks.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to jj27

‎02-17-2014 08:30 PM

jjohnston's advice is correct.

Contact the TAC and ask for licensing support.

0 Helpful
Customers Also Viewed These Support Documents