Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5510: Enabling a second DMZ


I have just bought an ASA5510-AIP10-K9

(ASA 5510 Appliance with AIP-SSM-10, SW, 3FE, 3DES/AES) to implement perimeter security. I planned to use only 1 DMZ (plus internal and external interfaces) but things have changed, and now I need to implement a second DMZ. The ASA-5510 has 4 ports in-built but mine only 3 are available. How can I enable the fourth port (2nd DMZ)? Someone told me about a license, but I do not find info about it. Please help me.

Cisco Employee

Re: ASA 5510: Enabling a second DMZ

The 5510 with a base license has only 3 ports enabled. You need to purchase a "Security Plus" license to enable the 4th and 5th ports.

You can either contact your resellar, partner or Cisco direct and they will be happy to sell you one :-) Not sure of the part number off hand.

You can see the difference between the base license and the SecPlus license on the data sheet here:

New Member

Re: ASA 5510: Enabling a second DMZ


I found this license:

ASA5510-SEC-PL (ASA 5510 Security Plus License w/ A/S HA, more VLANs + conns)

Could you confirm it is OK?

Do you know how to activate this license in ASA?

Is there some procedure to do it?

Cisco Employee

Re: ASA 5510: Enabling a second DMZ

Yep, that's looks like the right one. Basically when you purchase this you'll be given a new activation key, which you enter using the "activation-key" command in the ASA. Once that is entered you'll be running a SecPlus license.

CreatePlease to create content