WSA license manual XML file loading vs Smart account licensing and registering clarification.
I am having problems to install and test WSA virtual. The first issue I found is that I couldnt download the WSA evaluation license from the cisco licensing portal. When I try to download the 45 day evaluation license I see the message: "access tio this page is restricted"
So based on many posts that found the same issue, I opened a case with licensing team requesting for the demo evaluation license, and they assigned a 30 day evaluation license to my company smart account domain and virtual account name, but never sent an XML file..
My question is if the smart account licensing replaces the manual installation of the XML file on the virtual appliance?
Asking these because I am able to register the virtual appliance with the token generated from the smart account, and I see the registration status is showing as "registered", but the evaluation license is showing as "Not In Use", and the "Smart License Agent" is showing as "Failed to fetch update".
After registered the WSA with the smart account, I see many WSA licenses are in compliance
When I try to run the "system setup wizard", I see it ask me to install the license via the "loadlicense" CLI command.
Here is my confussion, I never received a license XML file from the cisco licensing team. I only received on the smart account many WSA licenses, and after I registered the WSA using the token, I see the licenses are "in use", but looks like the virtual appliance is not using them as it is still asking me to load the license.
Do I still need to manually install the XML file on the virtual appliance even if licensing team enabled the licenses on my smart account and my virtual appliance was able to successfully register with the smart account?
I haven't seen any notes in the official documentation, but I would definetly agree that any WSA/ESA that uses smart licensing still needs the classical license file to be installed.
I've seen this issue in two circumstances:
1. new WSA installation (still needs classical license even though smart licensing is used)
2. existing ESA installation which refused to update (any software update) because of the following error: "Dynamic manifest fetch failure: Failed to authenticate with manifest server".
This is actually caused by the fact that the appliance still needs the classical license file when exchanging messages with the update server. If you load any license (as long as it's valid; can be demo or whatever) everything works as expected.
Site to Site IPSec VPN with Dynamic IP Endpoint is typically used when we have a branch sites which obtains a dynamic public IP from the Internet ISP. For example an ADSL connection.One important note is that Site-to-Site VPN with Dynamic remote routers P...
On R1, configure a key ring that defines the peer R3:Address: 184.108.40.206Local and remote pre-shared key: cisco R1(config)#crypto ikev2 keyring KRR1(config-ikev2-keyring)# peer R3R1(config-ikev2-keyring-peer)# address 220.127.116.11R1(config-ikev2-keyring-pee...
This document shows how to use the Port Radius NAS PORT Id Attribute in a compound condition to control access with 802.1X.A user jdoe is allowed to access the network only through the physical port FastEthernet 0/1 of the switch and the user jwhite is al...
This document provides a configuration example of Security Assertion Markup Language (SAML) Authentication on FTD managed over FDM. The configuration allows Anyconnect users to establish a VPN session authenticating with a SAML Identity Serv...
DMVPN Dual Hub Dual Cloud Pros and ConsProsNo single point of failureQuick failover if routing protocols are tunedLoad balancing is easyTraffic engineering is easyEasy to work with multiple ISPsConsNeed 2 tunnels per spokeConfiguration is more complicated...