Configuring licenses – Cisco ASA 5505 User Manual
Page 152
3-32
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 3 Managing Feature Licenses
Configuring Licenses
•
Downgrading to Version 8.1 or earlier—After you upgrade, if you activate additional feature
licenses that were introduced before 8.2, then the activation key continues to be compatible with
earlier versions if you downgrade. However if you activate feature licenses that were introduced in
8.2 or later, then the activation key is not backward compatible. If you have an incompatible license
key, then see the following guidelines:
–
If you previously entered an activation key in an earlier version, then the ASA uses that key
(without any of the new licenses you activated in Version 8.2 or later).
–
If you have a new system and do not have an earlier activation key, then you need to request a
new activation key compatible with the earlier version.
•
Downgrading to Version 8.2 or earlier—Version 8.3 introduced more robust time-based key usage
as well as failover license changes:
–
If you have more than one time-based activation key active, when you downgrade, only the most
recently activated time-based key can be active. Any other keys are made inactive. If the last
time-based license is for a feature introduced in 8.3, then that license still remains the active
license even though it cannot be used in earlier versions. Reenter the permanent key or a valid
time-based key.
–
If you have mismatched licenses on a failover pair, then downgrading will disable failover. Even
if the keys are matching, the license used will no longer be a combined license.
–
If you have one time-based license installed, but it is for a feature introduced in 8.3, then after
you downgrade, that time-based license remains active. You need to reenter the permanent key
to disable the time-based license.
Additional Guidelines and Limitations
•
The activation key is not stored in your configuration file; it is stored as a hidden file in flash
memory.
•
The activation key is tied to the serial number of the device. Feature licenses cannot be transferred
between devices (except in the case of a hardware failure). If you have to replace your device due
to a hardware failure and it is covered by Cisco TAC, contact the Cisco Licensing Team to have your
existing license transferred to the new serial number. The Cisco Licensing Team will ask for the
Product Authorization Key reference number and existing serial number.
•
Once purchased, you cannot return a license for a refund or for an upgraded license.
•
Although you can activate all license types, some features are incompatible with each other; for
example, multiple context mode and VPN. In the case of the AnyConnect Essentials license, the
license is incompatible with the following licenses: AnyConnect Premium license, shared
AnyConnect Premium license, and Advanced Endpoint Assessment license. By default, the
AnyConnect Essentials license is used instead of the above licenses, but you can disable the
AnyConnect Essentials license in the configuration to restore use of the other licenses using the no
anyconnect-essentials command.
Configuring Licenses
This section includes the following topics:
•
Obtaining an Activation Key, page 3-33
•
Activating or Deactivating Keys, page 3-33
•