|
|
< Day Day Up > |
|
Managing LicensesAs mentioned in Chapter 3, "Hardware Overview," the security appliance controls security and networking features through the use of a license key. The information of the currently installed license key can be obtained by issuing the show version command. This command also displays other system information, such as:
Example 4-2 shows the output of show version, which has a VPN Plus-based license key installed. Example 4-2. Output of show versionChicago> show version Cisco ASA Software Version 7.0(1) Device Manager Version 5.0(1) Compiled on Thu 31-Mar-05 14:37 by builders System image file is "disk0:/ASA701.bin" Config file at boot was "startup-config" Chicago up 8 hours 32 mins Hardware: ASA5540, 1024 MB RAM, CPU Pentium 4 2000 MHz Internal ATA Compact Flash, 63MB BIOS Flash M50FW016 @ 0xffe00000, 2048KB Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0) Boot microcode : ?CNlite-MC-Boot-Cisco-1.2 SSL/IKE microcode: ?CNlite-MC-IPSEC-Admin-3.03 IPSec microcode : ?CNlite-MC-IPSECm-MAIN-2.03 0: Ext: GigabitEthernet0/0 : media index 0: irq 9 1: Ext: GigabitEthernet0/1 : media index 1: irq 9 2: Ext: GigabitEthernet0/2 : media index 2: irq 9 3: Ext: GigabitEthernet0/3 : media index 3: irq 9 4: Ext: Management0/0 : media index 0: irq 11 5: Int: Not licensed : media index 4: irq 11 6: Int: Not licensed : media index 1: irq 5 License Features for this Platform: Maximum Physical Interfaces : Unlimited Maximum VLANs : 100 Inside Hosts : Unlimited Failover : Active/Active VPN-DES : Enabled VPN-3DES-AES : Enabled Security Contexts : 20 GTP/GPRS : Enabled VPN Peers : 2000 This machine has a Plus license. Serial Number: JABXXXXXXXX Running Activation Key: 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX Configuration register is 0x1 Configuration last modified by enable_15 at 22:11:22.123 UTC Fri Aug 1 2005 In Example 4-2, the security appliance is running a system image of 7.0(1) with the ASDM image of 5.0(1). The hardware model is ASA5540 running the Plus license. The serial number and the license activation key are masked to protect the identity of this system. The configuration register is set to 0x1, which instructs the security appliance to load the image from flash. The configuration register is discussed later in this chapter, in the section "Configuring the Password Recovery Process." You can change the installed license key by using the activation-key command followed by the five-tuple key, as shown in Example 4-3. Once the new activation key is entered, the security appliance shows the features set activated by the new license key. In this example, a VPN premium license key is installed. Example 4-3. Changing the Activation KeyChicago# activation-key 0x11223344 0x55667788 0x9900aabb 0xccddeeff 0x01234567 Licensed features for this platform: Maximum Physical Interfaces : Unlimited Maximum VLANs : 100 Inside Hosts : Unlimited Failover : Active/Active VPN-DES : Enabled VPN-3DES-AES : Enabled Security Contexts : 50 GTP/GPRS : Disabled VPN Peers : 5000 This machine has a VPN Premium license. Both running and flash activation keys were updated with the requested key. |
|
|
< Day Day Up > |
|