Monday, 7 March 2022

Cisco FTD/ASA smart licensing strong encryption

The customer needs to set up a smart license account with Cisco at https://software.cisco.com/

It needs to be set up with a user@customer-domain.com email address.

Once it is set up, get them to add you as admin.

When buying licenses, specify the smart account with the disti/vendor. Often they mess it up and the smart license goes into limbo. You then need to open a case with the licensing team at licensing@cisco.com

Once you get the license appearing in the smart license console you need to assign it to the device.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/configuration/general/asa-98-general-config/intro-license-smart.html#id_57013

YOU MUST BE ADMIN ON CUSTOMER SMART ACCOUNT

Generate a token in the cloud and copy it to a notepad

On FTD/ASA

conf t

call-home

license smart deregister

ping 8.8.8.8

ping tools.cisco.com (the device needs to reach this for smart licensing; you may need to configure an internet connection / DNS / routes)

license smart

feature tier standard

feature strong-encryption

license smart register idtoken XXXXXXXXXXXXXXXXXXXXXXXXXXXXX

license smart renew auth

show license summary

sh ver


OLD CIPHER ISSUE

Once you get the license applied, watch out for another issue.

Old 3DES / MD5 / SHA / DH Group2 etc. are removed.

The FTD automatically replaces them with AES256 and SHA256, but the IKE profile will still be called 3DES MD5. You will need to check the S2S VPN settings and upgrade them before upgrading the ASA.
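
One way to check a saved copy of the crypto configuration for those old settings before the upgrade, as an added example (not from the original post and not Cisco's code). The sample config is constructed, audit_crypto is a hypothetical helper name, and reading "SHA" as SHA-1 is an assumption.

```python
import re

# Legacy values named in the post; "SHA" is read as SHA-1 (assumption).
LEGACY = {"encryption": {"3des"}, "hash": {"md5", "sha"},
          "integrity": {"md5", "sha", "sha-1"}, "prf": {"md5", "sha"},
          "group": {"2"}}
LEGACY_TRANSFORMS = {"esp-3des", "esp-md5-hmac", "esp-sha-hmac"}

# Constructed sample in the style of "show running-config crypto" output.
SAMPLE = """\
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev2 ipsec-proposal AES256
 protocol esp encryption aes-256
 protocol esp integrity sha-256
crypto map outside_map 1 set pfs group2
crypto ikev1 policy 10
 authentication pre-share
 encryption 3des
 hash md5
 group 2
crypto ikev2 policy 1
 encryption aes-256
 integrity sha256
 group 14
"""

def audit_crypto(config_text):
    """Return (line_no, block, legacy_setting) for each legacy value found."""
    findings, block = [], ""
    for no, raw in enumerate(config_text.splitlines(), 1):
        tokens = raw.split()
        if not tokens:
            continue
        if not raw[0].isspace():            # top-level line opens a new block
            block = raw.strip()
            if tokens[:4] == ["crypto", "ipsec", "ikev1", "transform-set"]:
                findings += [(no, block, t) for t in tokens[5:]
                             if t in LEGACY_TRANSFORMS]
            m = re.search(r"\bset pfs group(\d+)$", block)
            if m and m.group(1) in LEGACY["group"]:
                findings.append((no, block, "pfs group" + m.group(1)))
        elif block.startswith("crypto "):   # sub-command of a crypto block
            if tokens[:2] == ["protocol", "esp"]:
                tokens = tokens[2:]
            if tokens and tokens[0] in LEGACY:
                findings += [(no, block, f"{tokens[0]} {v}")
                             for v in tokens[1:] if v in LEGACY[tokens[0]]]
    return findings

if __name__ == "__main__":
    for no, block, setting in audit_crypto(SAMPLE):
        print(f"line {no}: {setting!r} in {block!r}")
```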
