Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5520 Activation Key Help

Hi All,

we recently installed a activaiton key for the Anyconnect License on our ASA 5520. We have a pair runnning, in Active/Standby mode, on IOS 8.0. The Activation/License was installed on the Primary ASA. Once installed the all failover configuration was removed, and we were left with 2 ASAs running in Active/Active mode. This cause haoc across the network. I would like to go back and recover and reinstall the old activation key. Is this possible?? If so how would I be able to achieve this. Or do I need to ontain a new license key. Ultimately I would like to get back to the stage before instlaling the Anyconnect License, where we had a 2 ASAs running in Active/Standby mode.

Thank you for your help and suggestions.

Cheers

Deena

oput put from sh activation-key detail and sh version

CH-ASA# sh act det

Serial Number:  JMX1101K2SU

Permanent Flash Activation Key: 0x370fc559 0x2476a024 0xccc355a4 0xacd81440 0x4110329d

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 150

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled

VPN-3DES-AES                 : Enabled

Security Contexts            : 2

GTP/GPRS                     : Disabled

VPN Peers                    : 750

WebVPN Peers                 : 2

AnyConnect for Mobile        : Disabled

AnyConnect for Linksys phone : Disabled

Advanced Endpoint Assessment : Disabled

UC Proxy Sessions            : 2

Temporary Flash Activation Key: 0x29249e66 0x500f33dc 0xcd79274e 0x534c7c93 0x81bc53bc

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 150

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled

VPN-3DES-AES                 : Disabled

Security Contexts            : 2

GTP/GPRS                     : Disabled

VPN Peers                    : 750

WebVPN Peers                 : 750

AnyConnect for Mobile        : Disabled

AnyConnect for Linksys phone : Disabled

Advanced Endpoint Assessment : Disabled

UC Proxy Sessions            : 2

This is a time-based license that will expire in 27 day(s).

Running Activation Key: 0x29249e66 0x500f33dc 0xcd79274e 0x534c7c93 0x81bc53bc

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 150

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled

VPN-3DES-AES                 : Enabled

Security Contexts            : 2

GTP/GPRS                     : Disabled

VPN Peers                    : 750

WebVPN Peers                 : 750

AnyConnect for Mobile        : Disabled

AnyConnect for Linksys phone : Disabled

Advanced Endpoint Assessment : Disabled

UC Proxy Sessions            : 2

This platform has an ASA 5520 VPN Plus license.

This is a time-based license that will expire in 27 day(s).

The flash activation key is the SAME as the running key.

CH-ASA# sh ver

Cisco Adaptive Security Appliance Software Version 8.0(5)

Device Manager Version 6.2(5)53

Compiled on Mon 02-Nov-09 21:22 by builders

System image file is "disk0:/asa805-k8.bin"

Config file at boot was "startup-config"

CH-ASA up 18 hours 30 mins

Hardware:   ASA5520-K8, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash AT49LW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

                             Boot microcode   : CN1000-MC-BOOT-2.00

                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.05

0: Ext: GigabitEthernet0/0  : address is 0019.0665.6dfc, irq 9

1: Ext: GigabitEthernet0/1  : address is 0019.0665.6dfd, irq 9

2: Ext: GigabitEthernet0/2  : address is 0019.0665.6dfe, irq 9

3: Ext: GigabitEthernet0/3  : address is 0019.0665.6dff, irq 9

4: Ext: Management0/0       : address is 0019.0665.6dfb, irq 11

5: Int: Internal-Data0/0    : address is 0000.0001.0002, irq 11

6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5

Licensed features for this platform:

Maximum Physical Interfaces  : Unlimited

Maximum VLANs                : 150

Inside Hosts                 : Unlimited

Failover                     : Active/Active

VPN-DES                      : Enabled

VPN-3DES-AES                 : Enabled

Security Contexts            : 2

GTP/GPRS                     : Disabled

VPN Peers                    : 750

WebVPN Peers                 : 750

AnyConnect for Mobile        : Disabled

AnyConnect for Linksys phone : Disabled

Advanced Endpoint Assessment : Disabled

UC Proxy Sessions            : 2

This platform has an ASA 5520 VPN Plus license.

This is a time-based license that will expire in 27 day(s).

Serial Number: JMX1101K2SU

Running Activation Key: 0x29249e66 0x500f33dc 0xcd79274e 0x534c7c93 0x81bc53bc

Configuration register is 0x1

Configuration has not been modified since last system restart.

CH-ASA#

1 REPLY
Hall of Fame Super Silver

Re: ASA 5520 Activation Key Help

If you upgrade your ASA software to a bit more recent image first you can share the AnyConnect license (activation key) across both devices. Otherwise you would need to install a separate activation key on the second unit.

Sent from Cisco Technical Support iPad App

727
Views
0
Helpful
1
Replies
CreatePlease to create content