I'm setting up a ASA5545-X which has been purchased with CX capabilities ASA 5545-X CX AVC and Web Security Essentials 1Y (Promo) and I have a couple of issues:
The first is I've received the license that was generated through the PAK code - but I can't work out how to get this licence onto the appliance. It doesn't have a activation key but instead has a ".lic" file is presumably to be imported onto the box - but how?!! These are the instructions for installation of the licence but I'm guessing that these are CX menus.
Follow these steps to install your ASA-CX license file:
1. Select Administration > Licenses.
2. Select I want to > Upload License File.
3. In the Upload License File panel, click Browse and select the license file from your workstation or network drive.
4. Click Upload.
The second issue which may well be resolved when the first issue is resolved but I cannot connect to or manage the CX software module - when I manage the appliance through the ASDM there's no mention of the CX capability...
Documentation suggests that I should be able to manage the appliance via the internal management address of 192.168.1.2 but I'm unable to do so.
Any help you can provide would be greatly appreciated....
The SSD is required for CX to work in the midrange 5500-X series. Without it you cannot installl CX.
For a new 5545, that means you should have purchased SKU "ASA5545-2SSD120-K9". That includes the SSD.
If for whatever reason you do not have the SSD, you will need to order one. The SKU for that would be "ASA5500X-SSD120=", which is "ASA 5512-X through 5555-X 120GB MLC SED SSD (spare)".
It looks like perhaps the SSD was ordered separately from the firewall or otherwise not loaded at all with CX software.
In that case, you need to follow the steps outlined in section 5 of the Getting Started Guide that I linked to above. It's not too difficult - just has it's own steps and they're laid out pretty clearly there. I've done it a couple of times and it always worked fine.
Yes those instructions are using the PRSM (Prime Security Manager) menu GUI that runs on CX.
Verify your module is running ok - from the ASA CLI, "show module". You are looking for the cxsc module to have status "up".
If it is up and running, the you need to have the ASA physical management interface connected, up and reachable. If you're already using it for managing the ASA software, that's OK - PRSM will share it - but you'll have to adjust the default PRSM IP address accordingly. Otherwise, you can use the management port exclusively for PRSM if you desire.
In any case, you should run the CX module setup CLI script via sessioning in from the ASA CLI first. You can also do some very minimal setup by running the ASA setup wizard in ASDM and skipping through to the CX page (assuming you have a module with status "up" as I noted above,
Please have a look at the Getting Started Guide here for more info: