Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Configuration of ASA5512-SSD120-K9 with WSE and AVC License

Hello Cisco Team,

I would like to seek your assistance on how to install and configure the Web security essential and And application visibility control license from the ASA5512-SSD120-K9?

Do you happen to have a PDF documentation guide and process on how to install the licenses.

 

Best regards,


Ed

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Silver

First you need to get the CX

First you need to get the CX module running and accessible so that you can manage the Next Gen Firewall services (WSE, AVC and IPS). It's managed separately from the base ASA Follow the Quick Start Guide if you haven't done that yet.

Then log into PRSM (the GUI) and follow the User Guide section on Managing System Licenses.

Your licenses should have been received already before beginning this step. If you don't have them, you will need to locate your Product Authorization Key (PAK - should have been received as part of your order fulfillment) and follow the instructions on the self-service licensing portal to obtain the license (.lic) file(s).

Hall of Fame Super Silver

It appears you're running 9.1

It appears you're running 9.1(1) and using Chrome. That was the first PRSM / CX release and very buggy. It has particularly a lot of issues rendering correctly in various browsers.

Please upgrade to the current release (9.3.x) and check again - that should help a lot.

Your port forwarding is a totally separate issue. Please start a new thread for that.

3 REPLIES
Hall of Fame Super Silver

First you need to get the CX

First you need to get the CX module running and accessible so that you can manage the Next Gen Firewall services (WSE, AVC and IPS). It's managed separately from the base ASA Follow the Quick Start Guide if you haven't done that yet.

Then log into PRSM (the GUI) and follow the User Guide section on Managing System Licenses.

Your licenses should have been received already before beginning this step. If you don't have them, you will need to locate your Product Authorization Key (PAK - should have been received as part of your order fulfillment) and follow the instructions on the self-service licensing portal to obtain the license (.lic) file(s).

Hello Marvin, Thank you very

Hello Marvin,

 

Thank you very much for the quick start up guide that you have provided it was all accurate and very helpful indeed.

However I did encounter some issue after loading the WSE and AVC.

 

Please refer to the attached screenshots for a detailed view of my issue.

 

CISCO PRIME SECURITY MANAGER

DASHBOARD

LICENSES SUCCESSFULLY LOADED

-APPLICATION VISIBILITY AND CONTROL

-WEB SECURITY ESSENTIALS

After installing the licenses, I checked the policies section but there’s no option to add a policy,

Even the Application section doesn’t have an option to add or a built in objects.

I tried adding an object to the object section but after adding, nothings change in the policies and application section.

    
   
 
  

After creating an object, no object was displayed on the object section. Based on what I’ve seen on some Quick reference guide & tutorials regarding Cisco Prime Security Manager, I should have an option on adding a Policy on the Policies>Policies section.

Question.

  1. How can I add a policy on the Cisco Prime Security Manager?
  2. How can I add or update URL/Application category in Cisco Prime Security Manager?
  3. Do I need to integrate it to a separate server to be able to accomplish the web filtering and application control?
  4. How come that there is no built in category listed on the policy section?

 

Lastly I did encounter some port forwarding issues

I tried adding a Port Forwarding rules via Public Servers module, after adding some rules I encountered an error stating that there’s a configuration overlap, but as seen on the screenshot below there are no existing configuration that might cause the conflict.

QUESTION:

  1. Is there any way we can solve this issue?
  2. How come that the ASA states that there’s a conflict in the configuration where there’s no existing configuration identical to the one’s I’m adding.

 

 
  

Your assistance is greatly appreciated, Let me know if you have any questions.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Hall of Fame Super Silver

It appears you're running 9.1

It appears you're running 9.1(1) and using Chrome. That was the first PRSM / CX release and very buggy. It has particularly a lot of issues rendering correctly in various browsers.

Please upgrade to the current release (9.3.x) and check again - that should help a lot.

Your port forwarding is a totally separate issue. Please start a new thread for that.

196
Views
4
Helpful
3
Replies