Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco 1941 K9 temp sec license.. how to manage firewall?

hello,

I have a Cisco 1941 router... ipbasek9. I want to use this at home for my primar LAN->WAN interface.  So i need the Security license enabled.

I have enabled the Security temp/eval license but can not find a way to manage it.

I have tried downloading the Cisco Configuation Assitant, but this errors with "Unsupported Device type"

any help appreciated.  License output and config outbout below (please not WAN interface on 10.0.x is just internal testing WAN IP.  This device is not yet directly connected to the internet.

cisco1941#show lic

Index 1 Feature: ipbasek9                      

Period left: Life time

License Type: Permanent

License State: Active, In Use

License Count: Non-Counted

License Priority: Medium

Index 2 Feature: securityk9                    

Period left: 8  weeks 4  days

License Type: Evaluation

License State: Active, Not in Use, EULA accepted

License Count: Non-Counted

License Priority: Low

Index 3 Feature: datak9                        

Period left: 8  weeks 4  days

License Type: Evaluation

License State: Active, Not in Use, EULA not accepted

License Count: Non-Counted

License Priority: None

Index 4 Feature: SSL_VPN                       

Period left: 8  weeks 4  days

License Type: Evaluation

License State: Active, Not in Use, EULA not accepted

License Count: 75/0/0  (Active/In-use/Violation)

License Priority: None

Index 5 Feature: ios-ips-update 

**************************

SHOW CONFIG

***************************

! Last configuration change at 15:47:24 PCTime Sat Dec 10 2011

! NVRAM config last updated at 15:48:21 PCTime Sat Dec 10 2011

!

version 15.0

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname cisco1941

!

boot-start-marker

boot-end-marker

!

logging buffered 51200

logging console critical

enable password 7 053C03032243430C48

!

no aaa new-model

clock timezone PCTime 10

clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 2:00

!

no ipv6 cef

no ip source-route

ip cef

!

!

no ip dhcp conflict logging

ip dhcp excluded-address 192.168.1.254

!

ip dhcp pool mydhcp

   network 192.168.0.0 255.255.255.0

   update dns

   default-router 192.168.0.254

   dns-server 10.0.1.1

!

!

no ip bootp server

no ip domain lookup

multilink bundle-name authenticated

!

!

crypto pki trustpoint TP-self-signed-640030031

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-640030031

revocation-check none

rsakeypair TP-self-signed-640030031

!

!

crypto pki certificate chain TP-self-signed-640030031

certificate self-signed 01 nvram:IOS-Self-Sig#3.cer

license udi pid CISCO1941/K9 sn FHK1421759M

license boot module c1900 technology-package securityk9

license agent notify http://10.0.1.6:1941/clm/servlet/HttpListenServlet dummy dummy

!

!

username admin privilege 15 secret 5 $1$..pd$6F3ks..mAkRmm9n5dizpJ/

!

!

ip tcp synwait-time 10

!

!

!

!

interface GigabitEthernet0/0

description External interface

ip dhcp client hostname Cisco1941

ip address dhcp

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

no mop enabled

!

interface GigabitEthernet0/1

description internal interface$ES_LAN$

ip address 192.168.0.254 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip dns view-group 10.0.1.1

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

no mop enabled

!

router rip

version 2

network 10.0.0.0

network 192.168.0.0

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 1 interface GigabitEthernet0/0 overload

!

logging trap debugging

access-list 1 remark CCP_ACL Category=18

access-list 1 permit 192.168.0.0 0.0.0.255

!

no cdp run

!

!

control-plane

!

banner exec ^C^C

banner login ^C^C

banner motd ^Cine ***** A^C

!

line con 0

login local

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

password 7 073824404D06140046

login

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

ntp source GigabitEthernet0/0

ntp master

end

Everyone's tags (2)
1 REPLY
Purple

Cisco 1941 K9 temp sec license.. how to manage firewall?

Hi,

try CCP, it should be supported.

Regards.

Alain

Don't forget to rate helpful posts.
1678
Views
0
Helpful
1
Replies
CreatePlease login to create content