We are designing a solution for our customer, they plan to connect 5 site to their main office, on the main office, they use CISCO2911, branch use CISCO1921, so my question is:
1, If I want to use IPSec VPN connect branch and main office, apart from the router, I only need to buy the Security pack, like SL-19-SEC-K9/SL-29-SEC-K9, no need to buy SL-19-DATA-K9/SL-29-DATA-K9, am I right?
2, If I want to use SSL VPN connect branch and main office, apart from the router and SL-19-SEC-K9/SL-29-SEC-K9, I only need to buy L-FL-SSLVPN10-K9 for CISCO2911 in main office, no need to buy L-FL-SSLVPN10-K9 for branch as each CISCO1921 has two default SSL license?
What's the difference between VPN Plus license and Security Plus license. I have new 5520 shipped with VPN Plus license.Also does it require a seperate license for Anyconnect for Mobile and AnyConnect Essentials.
I purchased a 2911 router and a 25-pack of VPN licenses (PID: L-FL-SSLVPN25-K9=).I registered the license, and supplied the serial number of my router when asked.I received a .lic license file.When I attempt to install the license on the appliance, I receive an error:
% Error: Install failed. UDI L-FL-SSLVPN25-K9=:FTX1542AKJ3 on license does not m atch any device 0/1 licenses were successfully installed 0/1 licenses were existing licenses 1/1 licenses were failed to install
However, the following establishes that the serial number is correct:
SFGallery#show inventory NAME: "CISCO2911/K9 chassis", DESCR: "CISCO2911/K9 chassis" PID: CISCO2911/K9 , VID: V04 , SN: FTX1542AKJ3 NAME: "C2911 AC Power Supply", DESCR: "C2911 AC Power Supply" PID: PWR-2911-AC , VID: V03 , SN: AZS153303LY
I would like know, what license is necessary to employ a load-balance in a 2911 router. I have these licenses bellow, can i configure an load balance?In this cenario we have two links with an ISP.
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(2)T1, RELEASE SOFTWARE (fc1) Cisco CISCO2911/K9 (revision 1.0) with 479232K/45056K bytes of memory. Processor board ID FTX1613AH8D 1 FastEthernet interface 3 Gigabit Ethernet interfaces 1 terminal line 2 Channelized (E1 or T1)/PRI ports(code)
i have cisco 880 with NPE licence, but i need encryption on this device. I change IOS to c880data-universalk9-mz.151-3.T1.bin, but i still have NPE License and only Evalution without NPE. How can i have permanent license?
show license all
License Store: Primary License Storage StoreIndex: 0 Feature: advsecurity_npe Version: 1.0 License Type: Permanent License State: Active, Not in Use
We’ve ordered ASA 5510 with security plus license as below description:
ASA5510-K8 ASA 5510 Appliance with SW, 5FE, DES L-ASA5510-SEC-PL= ASA 5510 Security Plus License w/ HA, GE, more VLANs + conns
The license details on the appliance shows as the below, Fail over : Enabled Encryption-DES : Enabled Encryption-3DES-AES : Disabled Security Contexts : Default GTP/GPRS : Disabled Any Connect Premium Peers : Default Other VPN Peers : Default Advanced Endpoint Assessment : Disabled Any Connect for Mobile : Disabled Any Connect for Cisco VPN Phone : Disabled Shared License : Disabled UC Phone Proxy Sessions : Default Total UC Proxy Sessions : Default Any Connect Essentials : Disabled Bot net Traffic Filter : Disabled Inter company Media Engine : Disabled
I’ve noticed that the 3DES is disabled, do I need to order another license to use 3DES or not ?Also, I need 2 ~ 5 branches to connect simultaneously and have VPN access on their laptops to the main branch via vpn software, which VPN software I should use and is our license enough or I should order another license.
Do I need the security plus license to do HA with two 5520's?I was told by our purchasing department that the 5520 was supposed to be able to do HA out of the box, but when I look I see only the VPN + license. Does that mean I can download the security plus license? Or do I even need it on the 5520.
I have Cisco ASA5505 8.2(5) connected with Cisco 5520 8.2(1) via IPSEC tunnel, I was able to SSH from the inside 5520 to inside IP of the asa5505. but I after I upgrade the license to security plus at 5505 I lost the SSH and ASDM to inside IP of 5505 from the inside network of the 5520. however I still can use SSH and ASDM on outside IP of 5505.
I did a lot of testing to make it work but I couldn't I added SSH 0.0.0.0/0 inside and outside also I added acl on both interfaces. when I did a trace on the outside interface from the private network of 5520 to 5505 inside IP I got IPSEC spoofed by the way that trace only works with security plus because I try to test on all my other firewalls 8.2(5) it shows nothing and all my firewalls can accessed from the private network 5520 except the one with the security plus!
i had installed the SSL_VPN to the router C2911, running on IOS 15.0 But i couldn't see the SSL_VPN enable while i do show license feature? i did reload the router several time and accept the end user agreement.
attach the 01. show license feature 02. show license detail
I have a Cisco 1921 ISR Router with Security License running software version 15.0. I want to upgrade the router to 15.1. But I don't want to lose the security license that came with the router. When I look at the IOS downloads page on Cisco, all I see is universal images for all versions of 15.1.
My question is - where is the security license stored? In the IOS or programmed in somewhere else of the router? If I upgrade my router to one of the newer 15.1 universal images, will I lose my security license?
We want to upgrade one of our Cisco 5505 with Security Plus license. what is the difference between L-ASA5505-SEC-PL and ASA5505-SEC-PL upgrade licenses?
I need your support for upgrading the Security context license on 5550, at present we have 5 Security context license installed in ASA but we want it to increased till 10 conctexts. I want to understand if we need to get addtional 5 Security context license or 10.
I have a cisco router 1941 and i have uploaded before evaluation license , now i have already bought cisco security license .I have already installed on cisco router , but the problem the router is still using the evaluation license not the new license .
We are planning to upgrade the ASA license in an A/S pair by adding the ASA5500-SC-20= license. The ASA is 5545 and runs 8.6. According to documentation, after 8.3 version, the ASAs can share a license features and do not require the same license on both boxes. I run a test in GNS3 with 8.4(2) images and I saw that by adding the 'activation-key' command only on the primary unit did the job as the 'show activation-key' output shows. In order to be 100% sure would like to verify the following:
Putting the activation-key only on the primary unit is enough and there is no need to do anything elseIn case the primary unit is standby, again we have to put the actication-key command on the primary unit (I am asking this because the 'activation-key' command is not listed under the commands that are not replicated to the other unitk, but doesn't make sense to be replicated since the activation-key is 'tied' with the S/N of the device).
I'm currently reconfiguring an ASA5510 installation to a HA setup with a second 5510. The old 5510 has an "AnyConnect for Mobile" license which isn't being used. So we upgrade that one to a SecPlus License to enable failover posibilities and we bought a new 5510 also with a SecPlus license. When I'm trying to enable failover I get the message that my mate hasn't got the "AnyConnect for Mobile" license. I know for failover both devices must be exactly the same (at first i thougth that the AnyConnect license would be lost when upgrading to SecPlus). So now I'm wondering and searching for solutions to remove the AnyConnect license (because we don't use it).
We recently upgraded a ASA 5505 with the security plus license to allow us to add a second subnet, but are having a few problems configuring the second subnet. The original subnet we have configured 10.1.1.0 is able to access the internet without any problems. However the new subnet 10.1.5.0 is unable to access the internet and when we ran a trace packet the nat config nat (inside) 1 0.0.0.0 0.0.0.0 is showing as the rule that drops the packet.
Additionally we have not been able to get the 2 subnets to talk to each other even though same-security-traffic permit inter-interface is configured. How to configure the subnet 10.1.5.0 to access the internet or to get the subnets to communicate. Below is a streamlined version of our current config.
I am buying ASA 5505 with security license. It says it can support 20 vlans does it support 20 vlans by allowing to create subinterfaces? As it has 8 physical ports only?
I have a ASA 5510 with Security Plus License and when I looked at the devices a few days ago I had 2 contexts, however after configuring the Mgm port as a regular port the contexts show 0, why? I can not find any post on the internet where this issue has happen: here is the output from show ver:
Cisco Adaptive Security Appliance Software Version 7.0(8) Compiled on Sat 31-May-08 23:48 by builders System image file is "disk0:/asa708-k8.bin"
We have purchased a number of 2911 routers.We got Base & security license as we wanted to enable encryption. However we probably wont use the security.We are replacing 2811 routers.Unfortunately the 2811 routers have FXS ports with 2 - 4 POTS handsets - I completely forgot about these ports when I was ordering.Now I have VIC3-FXS cards which are ok in the 2911 but unfortunately I cant get them to work.I am missing PVDMs (well adapters anyway), and even if I got them the router wont take any commands relating to voice due to the license.Is is possible to 'rehost' the security and turn it into a UC ?I am new to these 2911 and Licensing.
i have 2921 router with base license . i want to upgrade to it to security k9 feature or want to enable it. i have license file with product activation key. how should i do it. if any body have screen shot file
I have to upgrade to an ASA 5510 CSC, and the new license is generated, the file you sent me licensing, only seen this:Activation Code not required for this renewal. Please go to "Administration> Product License" in the CSC SSM console and click "Check Status Online" to get the latest expiration date (BASE: 09/04/2014, PLUS: 09/04/2014).This means that what I have not make any upgrades or license charge in the ASA? Does the automatic update is made?
I'm a beginner on networking, and now i've found a problem while i do an exercise.i have one pc connected at one allied telesys but the last one is a trasparent bridge...the AT is connected whit a fortigate the fortigate does nat..and is connected whit the modem.i can go on server, modem receive ping from pc..is everything right..settings.
Need to deploy ms office compatibility pack via a gpo to a network I work on. I've extracted the exe and have the msi and cab files which I've placed in a network share and given full control permissions to everyone (I did this after it not working a few times with modify), everyone has full control on the 2 files as well.
I've created a new gpo "software deploy" under computer configuration, software, I've assigned a new package and typed the path in the following format \servershareo12.msi. I've moved a test pc into a test ou in ad and back in group policy management I've linked the software deploy gpo to this test ou. I've ran gpupdate /force on both ends.I've restarted the test box, nothing, repeatedly, I even edited the gpo to deploy the software under user and moved a test user into this test ou, same thing, nothing. I then went back to the config above using the computer config instead of user.
