Cisco ASA 5585 with firepower upgrade 升级 配置证书
想简单描述一下,但看着长,还是把过程都写上吧,记性不好,以后忘了,更重要的是过程记录这原理也许会对以后理解有很大帮助,可以看看。如果想急功近利立刻就好,那么黑体字都不超过15句,照着做应该能完成升级
CISCO ASA 5585 with firepower 升版本分为两部分,因为asa防火墙分为asa的底层系统 和 firepower 服务,所以分别升级
第一步,最简单的,升级asa防火墙固件,和asdm,如果你是8.x版本,那么要参照这个列表http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/upgrade/upgrade96.html按步骤升级,
第二步,升级firepower服务(此步骤另说)
也许你看到了FX-OS,那个是给firepower 4000/9000用的,asa5500系列用不了硬件,FX-OS可能是连底层系统和firepower服务一体的操作系统,以后会是firepower的防火墙和FX-OS的系统
ciscoasa# dir ###查看目录
Directory of disk0:/
21 drwx32768 00:34:46 Apr 02 2016coredumpinfo
145 -rwx52457472 00:36:28 Apr 02 2016asa922-4-smp-k8.bin
146 -rwx24070880 00:37:04 Apr 02 2016asdm-7221.bin
147 -rwx65536 00:00:00 Jan 01 1980FSCK0000.REC
10 drwx32768 00:41:54 Apr 02 2016log
20 drwx32768 00:42:50 Apr 02 2016crypto_archive
149 -rwx65536 00:00:00 Jan 01 1980FSCK0001.REC
150 -rwx12998641 00:43:10 Apr 02 2016csd_3.5.2008-k9.pkg
151 drwx32768 00:43:10 Apr 02 2016sdesktop
152 -rwx6487517 00:43:12 Apr 02 2016anyconnect-macosx-i386-2.5.2014-k9.pkg
153 -rwx6689498 00:43:12 Apr 02 2016anyconnect-linux-2.5.2014-k9.pkg
154 -rwx4678691 00:43:14 Apr 02 2016anyconnect-win-2.5.2014-k9.pkg
155 -rwx32768 00:00:00 Jan 01 1980FSCK0002.REC
156 -rwx32768 00:00:00 Jan 01 1980FSCK0003.REC
157 -rwx32768 00:00:00 Jan 01 1980FSCK0004.REC
158 -rwx32768 00:00:00 Jan 01 1980FSCK0005.REC
159 -rwx32768 00:00:00 Jan 01 1980FSCK0006.REC
160 -rwx32768 00:00:00 Jan 01 1980FSCK0007.REC
161 -rwx32768 00:00:00 Jan 01 1980FSCK0008.REC
162 -rwx32768 00:00:00 Jan 01 1980FSCK0009.REC
163 -rwx32768 00:00:00 Jan 01 1980FSCK0010.REC
164 -rwx32768 00:00:00 Jan 01 1980FSCK0011.REC
165 -rwx65536 00:00:00 Jan 01 1980FSCK0012.REC
166 -rwx65536 00:00:00 Jan 01 1980FSCK0013.REC
167 -rwx65536 00:00:00 Jan 01 1980FSCK0014.REC
168 -rwx32768 00:00:00 Jan 01 1980FSCK0015.REC
169 -rwx32768 00:00:00 Jan 01 1980FSCK0016.REC
170 -rwx32768 00:00:00 Jan 01 1980FSCK0017.REC
171 -rwx32768 00:00:00 Jan 01 1980FSCK0018.REC
172 -rwx32768 00:00:00 Jan 01 1980FSCK0019.REC
2007171072 bytes total (1897070592 bytes free)
ciscoasa# sh ver
Cisco Adaptive Security Appliance Software Version 9.2(2)4
Device Manager Version 7.2(2)1
Compiled on Tue 29-Jul-14 23:41 PDT by builders
System image file is "disk0:/asa922-4-smp-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 3 days 4 hours
Hardware: ASA5585-SSP-20, 12288 MB RAM, CPU Xeon 5500 series 2133 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 2048MB
BIOS Flash S25FL032P @ 0x0, 4096KB
Encryption hardware device : Cisco ASA-5585 on-board accelerator (revision 0x1)
Boot microcode : CNPx-MC-BOOT-2.00
SSL/IKE microcode : CNPx-MC-SSL-PLUS-T020
IPSec microcode : CNPx-MC-IPSEC-MAIN-0026
Number of accelerators: 2
Programmable device : Cisco CPLD revision 0x8
0: Int: Internal-Data0/0 : address is 0000.0001.0001, irq 5
2: Int: Internal-Data0/1 : address is 0000.0001.0002, irq 10
5: Ext: Management0/0 : address is 70e4.22ce.dc20, irq 10
6: Ext: Management0/1 : address is 70e4.22ce.dc21, irq 5
28: Ext: GigabitEthernet0/0: address is 70e4.22ce.dc22, irq 255
29: Ext: GigabitEthernet0/1: address is 70e4.22ce.dc23, irq 255
30: Ext: GigabitEthernet0/2: address is 70e4.22ce.dc24, irq 255
31: Ext: GigabitEthernet0/3: address is 70e4.22ce.dc25, irq 255
32: Ext: GigabitEthernet0/4: address is 70e4.22ce.dc26, irq 255
33: Ext: GigabitEthernet0/5: address is 70e4.22ce.dc27, irq 255
34: Ext: GigabitEthernet0/6: address is 70e4.22ce.dc28, irq 255
35: Ext: GigabitEthernet0/7: address is 70e4.22ce.dc29, irq 255
36: Ext: TenGigabitEthernet0/8: address is 70e4.22ce.dc2a, irq 255
37: Ext: TenGigabitEthernet0/9: address is 70e4.22ce.dc2b, irq 255
38: Int: Internal-Data0/2 : address is 0000.0100.0027, irq 255
39: Int: Internal-Data0/3 : address is 0000.0100.0028, irq 255
40: Int: Internal-Data0/4 : address is 0000.0100.0029, irq 255
41: Int: Internal-Data0/5 : address is 0000.0100.002a, irq 255
42: Int: Internal-Data0/6 : address is 0000.0100.002b, irq 255
43: Int: Internal-Data0/7 : address is 0000.0100.002c, irq 255
44: Int: Internal-Data0/8 : address is 0000.0100.002d, irq 255
45: Int: Internal-Data0/9 : address is 0000.0100.002e, irq 255
46: Ext: GigabitEthernet1/0: address is 70e4.22ce.db56, irq 255
47: Ext: GigabitEthernet1/1: address is 70e4.22ce.db57, irq 255
48: Ext: GigabitEthernet1/2: address is 70e4.22ce.db58, irq 255
49: Ext: GigabitEthernet1/3: address is 70e4.22ce.db59, irq 255
50: Ext: GigabitEthernet1/4: address is 70e4.22ce.db5a, irq 255
51: Ext: GigabitEthernet1/5: address is 70e4.22ce.db5b, irq 255
52: Ext: GigabitEthernet1/6: address is 70e4.22ce.db5c, irq 255
53: Ext: GigabitEthernet1/7: address is 70e4.22ce.db5d, irq 255
54: Ext: TenGigabitEthernet1/8: address is 70e4.22ce.db5e, irq 255
55: Ext: TenGigabitEthernet1/9: address is 70e4.22ce.db5f, irq 255
56: Int: Internal-Data1/0 : address is 0100.0100.0039, irq 255
57: Int: Internal-Data1/1 : address is 0100.0100.003a, irq 255
58: Int: Internal-Data1/2 : address is 0100.0100.003b, irq 255
59: Int: Internal-Data1/3 : address is 0100.0100.003c, irq 255
60: Int: Internal-Data1/4 : address is 0100.0100.003d, irq 255
61: Int: Internal-Data1/5 : address is 0100.0100.003e, irq 255
62: Int: Internal-Data1/6 : address is 0100.0100.003f, irq 255
63: Int: Internal-Data1/7 : address is 0100.0100.0040, irq 255
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 1024 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Activeperpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other *** Peers : 10000 perpetual
Total *** Peers : 10000 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco *** Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
10GE I/O : Disabled perpetual
Cluster : Enabled perpetual
This platform has an ASA5585-SSP-20 *** Premium license.
Serial Number: JAD201202ME
Running Permanent Activation Key: 0x9306f871 0x5005cd26 0xfd808568 0xe0c8544c 0x8113d59a
Configuration register is 0x1
Configuration last modified by enable_15 at 21:17:58.339 UTC Thu Jan 19 2017
ciscoasa# copy tftp: disk0:/
Address or name of remote host []? 10.208.224.8
Source filename []? asa962-7-smp-k8.bin
Destination filename ?
Accessing tftp://10.208.224.8/asa962-7-smp-k8.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asa962-7-smp-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
89874432 bytes copied in 173.680 secs (519505 bytes/sec)
ciscoasa# copy tftp: disk0:/
Address or name of remote host ?
Source filename ? asdm-762-150.bin
Destination filename ?
Accessing tftp://10.208.224.8/asdm-762-150.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asdm-762-150.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
26053720 bytes copied in 47.40 secs (554334 bytes/sec)
ciscoasa# dir
Directory of disk0:/
21 drwx32768 00:34:46 Apr 02 2016coredumpinfo
145 -rwx52457472 00:36:28 Apr 02 2016asa922-4-smp-k8.bin
146 -rwx24070880 00:37:04 Apr 02 2016asdm-7221.bin
147 -rwx65536 00:00:00 Jan 01 1980FSCK0000.REC
10 drwx32768 00:41:54 Apr 02 2016log
20 drwx32768 00:42:50 Apr 02 2016crypto_archive
149 -rwx65536 00:00:00 Jan 01 1980FSCK0001.REC
150 -rwx12998641 00:43:10 Apr 02 2016csd_3.5.2008-k9.pkg
151 drwx32768 00:43:10 Apr 02 2016sdesktop
152 -rwx6487517 00:43:12 Apr 02 2016anyconnect-macosx-i386-2.5.2014-k9.pkg
153 -rwx6689498 00:43:12 Apr 02 2016anyconnect-linux-2.5.2014-k9.pkg
154 -rwx4678691 00:43:14 Apr 02 2016anyconnect-win-2.5.2014-k9.pkg
155 -rwx32768 00:00:00 Jan 01 1980FSCK0002.REC
156 -rwx32768 00:00:00 Jan 01 1980FSCK0003.REC
157 -rwx32768 00:00:00 Jan 01 1980FSCK0004.REC
158 -rwx32768 00:00:00 Jan 01 1980FSCK0005.REC
159 -rwx32768 00:00:00 Jan 01 1980FSCK0006.REC
160 -rwx32768 00:00:00 Jan 01 1980FSCK0007.REC
161 -rwx32768 00:00:00 Jan 01 1980FSCK0008.REC
162 -rwx32768 00:00:00 Jan 01 1980FSCK0009.REC
163 -rwx32768 00:00:00 Jan 01 1980FSCK0010.REC
164 -rwx32768 00:00:00 Jan 01 1980FSCK0011.REC
165 -rwx65536 00:00:00 Jan 01 1980FSCK0012.REC
166 -rwx65536 00:00:00 Jan 01 1980FSCK0013.REC
167 -rwx65536 00:00:00 Jan 01 1980FSCK0014.REC
168 -rwx32768 00:00:00 Jan 01 1980FSCK0015.REC
169 -rwx32768 00:00:00 Jan 01 1980FSCK0016.REC
170 -rwx32768 00:00:00 Jan 01 1980FSCK0017.REC
171 -rwx32768 00:00:00 Jan 01 1980FSCK0018.REC
172 -rwx32768 00:00:00 Jan 01 1980FSCK0019.REC
175 -rwx89874432 02:04:21 Jan 23 2017asa962-7-smp-k8.bin
176 -rwx26053720 02:05:30 Jan 23 2017asdm-762-150.bin
2007171072 bytes total (1781104640 bytes free)
ciscoasa(config)# sh bootvar
BOOT variable =
Current BOOT variable =
CONFIG_FILE variable =
Current CONFIG_FILE variable =
ciscoasa(config)# boot system disk0:/asa962-7-smp-k8.bin###设置system 启动文件
ciscoasa(config)# asdm image disk0:/asdm-762-150.bin###设置image启动文件
ciscoasa# wr ###保存配置
Building configuration...
Cryptochecksum: f8ce634e c16b2a92 153017f3 2b0db929
4988 bytes copied in 1.430 secs (4988 bytes/sec)
ciscoasa# sh bootvar
BOOT variable = disk0:/asa962-7-smp-k8.bin
Current BOOT variable = disk0:/asa962-7-smp-k8.bin
CONFIG_FILE variable =
Current CONFIG_FILE variable =
ciscoasa#>
Proceed with>
ciscoasa#
***
*** --- START GRACEFUL SHUTDOWN ---
Shutting down isakmp
Shutting down License Controller
Shutting down File system
***
*** --- SHUTDOWN NOW ---
ciscoasa(config)# sh bootvar
BOOT variable = disk0:/asa962-7-smp-k8.bin
Current BOOT variable = disk0:/asa962-7-smp-k8.bin
CONFIG_FILE variable =
Current CONFIG_FILE variable =
ciscoasa(config)# sh ver ###核对版本
Cisco Adaptive Security Appliance Software Version 9.6(2)7
Device Manager Version 7.6(2)150
Compiled on Mon 05-Dec-16 12:22 PST by builders
System image file is "disk0:/asa962-7-smp-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 4 mins 17 secs
Hardware: ASA5585-SSP-20, 12029 MB RAM, CPU Xeon 5500 series 2133 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 2048MB
BIOS Flash S25FL032P @ 0x0, 4096KB
Encryption hardware device : Cisco ASA-5585 on-board accelerator (revision 0x1)
Boot microcode : CNPx-MC-BOOT-2.00
SSL/IKE microcode : CNPx-MC-SSL-SB-PLUS-0005
IPSec microcode : CNPx-MC-IPSEC-MAIN-0026
Number of accelerators: 2
Programmable device : Cisco CPLD revision 0x8
0: Int: Internal-Data0/0 : address is 0000.0001.0001, irq 5
最后申请个license,因为要用cluster功能,得去申请,以前低端的好像自己就能申请,去cisco官网/go/license get other licenses--》 IPS,Crypto,Other --》cisco asa 3des/aes license,输入序列号下一步即可
可是这次的5585可能比5515 5525高端,在go/license里申请了,无效,好多功能还是没有开启,是有cisco给申请了,开个case吧,license就是一组绑了序列号等的校验密码组,收到后activation-key一下就ok了,一般不用重启。
如下,以其中一台为例:
ciscoasa# sh version ###查看版本
Cisco Adaptive Security Appliance Software Version 9.6(2)7
Device Manager Version 7.6(2)150
Compiled on Mon 05-Dec-16 12:22 PST by builders
System image file is "disk0:/asa962-7-smp-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 1 day 4 hours
Hardware: ASA5585-SSP-20, 12029 MB RAM, CPU Xeon 5500 series 2133 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 2048MB
BIOS Flash S25FL032P @ 0x0, 4096KB
Encryption hardware device : Cisco ASA-5585 on-board accelerator (revision 0x1)
Boot microcode : CNPx-MC-BOOT-2.00
SSL/IKE microcode : CNPx-MC-SSL-SB-PLUS-0005
IPSec microcode : CNPx-MC-IPSEC-MAIN-0026
Number of accelerators: 2
Programmable device : Cisco CPLD revision 0x8
0: Int: Internal-Data0/0 : address is 0000.0001.0001, irq 5
2: Int: Internal-Data0/1 : address is 0000.0001.0002, irq 10
5: Ext: Management0/0 : address is 0078.8805.4b2c, irq 10
6: Ext: Management0/1 : address is 0078.8805.4b2d, irq 5
28: Ext: GigabitEthernet0/0: address is 0078.8805.4b2e, irq 255
29: Ext: GigabitEthernet0/1: address is 0078.8805.4b2f, irq 255
30: Ext: GigabitEthernet0/2: address is 0078.8805.4b30, irq 255
31: Ext: GigabitEthernet0/3: address is 0078.8805.4b31, irq 255
32: Ext: GigabitEthernet0/4: address is 0078.8805.4b32, irq 255
33: Ext: GigabitEthernet0/5: address is 0078.8805.4b33, irq 255
34: Ext: GigabitEthernet0/6: address is 0078.8805.4b34, irq 255
35: Ext: GigabitEthernet0/7: address is 0078.8805.4b35, irq 255
36: Ext: TenGigabitEthernet0/8: address is 0078.8805.4b36, irq 255
37: Ext: TenGigabitEthernet0/9: address is 0078.8805.4b37, irq 255
38: Int: Internal-Data0/2 : address is 0000.0100.0027, irq 255
39: Int: Internal-Data0/3 : address is 0000.0100.0028, irq 255
40: Int: Internal-Data0/4 : address is 0000.0100.0029, irq 255
41: Int: Internal-Data0/5 : address is 0000.0100.002a, irq 255
42: Int: Internal-Data0/6 : address is 0000.0100.002b, irq 255
43: Int: Internal-Data0/7 : address is 0000.0100.002c, irq 255
44: Int: Internal-Data0/8 : address is 0000.0100.002d, irq 255
45: Int: Internal-Data0/9 : address is 0000.0100.002e, irq 255
46: Ext: GigabitEthernet1/0: address is 0078.8805.4c1e, irq 255
47: Ext: GigabitEthernet1/1: address is 0078.8805.4c1f, irq 255
48: Ext: GigabitEthernet1/2: address is 0078.8805.4c20, irq 255
49: Ext: GigabitEthernet1/3: address is 0078.8805.4c21, irq 255
50: Ext: GigabitEthernet1/4: address is 0078.8805.4c22, irq 255
51: Ext: GigabitEthernet1/5: address is 0078.8805.4c23, irq 255
52: Ext: GigabitEthernet1/6: address is 0078.8805.4c24, irq 255
53: Ext: GigabitEthernet1/7: address is 0078.8805.4c25, irq 255
54: Ext: TenGigabitEthernet1/8: address is 0078.8805.4c26, irq 255
55: Ext: TenGigabitEthernet1/9: address is 0078.8805.4c27, irq 255
56: Int: Internal-Data1/0 : address is 0100.0100.0039, irq 255
57: Int: Internal-Data1/1 : address is 0100.0100.003a, irq 255
58: Int: Internal-Data1/2 : address is 0100.0100.003b, irq 255
59: Int: Internal-Data1/3 : address is 0100.0100.003c, irq 255
60: Int: Internal-Data1/4 : address is 0100.0100.003d, irq 255
61: Int: Internal-Data1/5 : address is 0100.0100.003e, irq 255
62: Int: Internal-Data1/6 : address is 0100.0100.003f, irq 255
63: Int: Internal-Data1/7 : address is 0100.0100.0040, irq 255
Licensed features for this platform: ###各种所需功能
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 1024 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Activeperpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other *** Peers : 10000 perpetual
Total *** Peers : 10000 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco *** Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
10GE I/O : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA5585-SSP-20 *** Premium license.
Serial Number: JAD201202NP
Running Permanent Activation Key: 0xc53dd057 0xf4b003be 0x70e25120 0x87f44c60 0x4a221b98
Configuration register is 0x1
Image type :> Key version : A
Configuration has not been modified since last system restart.
ciscoasa#
ciscoasa# activation-key c53dd057 f4b003be 70e25120 87f44c60 4a221b98 ###上面的sh ver可以看到cluster 是disable 的 ,申请个激活证书并激活,然并卵,证书不对
Validating activation key. This may take a few minutes...
The requested key is the SAME as the flash permanent activation-key.
The flash activation key will not be modified.
ciscoasa# sh version ###验证一下
Cisco Adaptive Security Appliance Software Version 9.6(2)7
Device Manager Version 7.6(2)150
Compiled on Mon 05-Dec-16 12:22 PST by builders
System image file is "disk0:/asa962-7-smp-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 1 day 4 hours
Hardware: ASA5585-SSP-20, 12029 MB RAM, CPU Xeon 5500 series 2133 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 2048MB
BIOS Flash S25FL032P @ 0x0, 4096KB
Encryption hardware device : Cisco ASA-5585 on-board accelerator (revision 0x1)
Boot microcode : CNPx-MC-BOOT-2.00
SSL/IKE microcode : CNPx-MC-SSL-SB-PLUS-0005
IPSec microcode : CNPx-MC-IPSEC-MAIN-0026
Number of accelerators: 2
Programmable device : Cisco CPLD revision 0x8
0: Int: Internal-Data0/0 : address is 0000.0001.0001, irq 5
2: Int: Internal-Data0/1 : address is 0000.0001.0002, irq 10
5: Ext: Management0/0 : address is 0078.8805.4b2c, irq 10
6: Ext: Management0/1 : address is 0078.8805.4b2d, irq 5
28: Ext: GigabitEthernet0/0: address is 0078.8805.4b2e, irq 255
29: Ext: GigabitEthernet0/1: address is 0078.8805.4b2f, irq 255
30: Ext: GigabitEthernet0/2: address is 0078.8805.4b30, irq 255
31: Ext: GigabitEthernet0/3: address is 0078.8805.4b31, irq 255
32: Ext: GigabitEthernet0/4: address is 0078.8805.4b32, irq 255
33: Ext: GigabitEthernet0/5: address is 0078.8805.4b33, irq 255
34: Ext: GigabitEthernet0/6: address is 0078.8805.4b34, irq 255
35: Ext: GigabitEthernet0/7: address is 0078.8805.4b35, irq 255
36: Ext: TenGigabitEthernet0/8: address is 0078.8805.4b36, irq 255
37: Ext: TenGigabitEthernet0/9: address is 0078.8805.4b37, irq 255
38: Int: Internal-Data0/2 : address is 0000.0100.0027, irq 255
39: Int: Internal-Data0/3 : address is 0000.0100.0028, irq 255
40: Int: Internal-Data0/4 : address is 0000.0100.0029, irq 255
41: Int: Internal-Data0/5 : address is 0000.0100.002a, irq 255
42: Int: Internal-Data0/6 : address is 0000.0100.002b, irq 255
43: Int: Internal-Data0/7 : address is 0000.0100.002c, irq 255
44: Int: Internal-Data0/8 : address is 0000.0100.002d, irq 255
45: Int: Internal-Data0/9 : address is 0000.0100.002e, irq 255
46: Ext: GigabitEthernet1/0: address is 0078.8805.4c1e, irq 255
47: Ext: GigabitEthernet1/1: address is 0078.8805.4c1f, irq 255
48: Ext: GigabitEthernet1/2: address is 0078.8805.4c20, irq 255
49: Ext: GigabitEthernet1/3: address is 0078.8805.4c21, irq 255
50: Ext: GigabitEthernet1/4: address is 0078.8805.4c22, irq 255
51: Ext: GigabitEthernet1/5: address is 0078.8805.4c23, irq 255
52: Ext: GigabitEthernet1/6: address is 0078.8805.4c24, irq 255
53: Ext: GigabitEthernet1/7: address is 0078.8805.4c25, irq 255
54: Ext: TenGigabitEthernet1/8: address is 0078.8805.4c26, irq 255
55: Ext: TenGigabitEthernet1/9: address is 0078.8805.4c27, irq 255
56: Int: Internal-Data1/0 : address is 0100.0100.0039, irq 255
57: Int: Internal-Data1/1 : address is 0100.0100.003a, irq 255
58: Int: Internal-Data1/2 : address is 0100.0100.003b, irq 255
59: Int: Internal-Data1/3 : address is 0100.0100.003c, irq 255
60: Int: Internal-Data1/4 : address is 0100.0100.003d, irq 255
61: Int: Internal-Data1/5 : address is 0100.0100.003e, irq 255
62: Int: Internal-Data1/6 : address is 0100.0100.003f, irq 255
63: Int: Internal-Data1/7 : address is 0100.0100.0040, irq 255
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 1024 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Activeperpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other *** Peers : 10000 perpetual
Total *** Peers : 10000 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco *** Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
10GE I/O : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA5585-SSP-20 *** Premium license.
Serial Number: JAD201202NP
Running Permanent Activation Key: 0xc53dd057 0xf4b003be 0x70e25120 0x87f44c60 0x4a221b98
Configuration register is 0x1
Image type :> Key version : A
Configuration has not been modified since last system restart.
最后开case,cisco给个证书,执行activation-key 即可
页:
[1]