Missing crypto options on Cisco 5540 firewall?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
ASA 5540 VPN Premium license. Version 9.1(7)
asa01(config)# crypto key generate rsa label sslvpnkey
^
ERROR: % Invalid input detected at '^' marker.
It seems I'm missing options for crypto:
asa01(config)# crypto ?
configure mode commands/options:
engine Configure crypto engine
isakmp Configure ISAKMP
sh ver
output:
Cisco Adaptive Security Appliance Software Version 9.1(7) <system>
Compiled on Thu 14-Jan-16 09:37 by builders
System image file is "disk0:/asa917-k8.bin"
Config file at boot was "startup-config"
asa01 up 9 mins 24 secs
Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 2000 MHz,
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode : CNlite-MC-SSLm-PLUS-2.08
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.09
Number of accelerators: 1
0: Ext: GigabitEthernet0/0 : address is 0025.45d7.883a, irq 9
1: Ext: GigabitEthernet0/1 : address is 0025.45d7.883b, irq 9
2: Ext: GigabitEthernet0/2 : address is 0025.45d7.883c, irq 9
3: Ext: GigabitEthernet0/3 : address is 0025.45d7.883d, irq 9
4: Ext: Management0/0 : address is 0025.45d7.883e, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 5000 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Enabled perpetual
This platform has an ASA 5540 VPN Premium license.
Serial Number: ***********
Running Permanent Activation Key: ********** ********** ********** ********** **********
Configuration register is 0x1
Configuration has not been modified since last system restart.
Why am I missing options?
firewall cisco-asa
migrated from serverfault.com 38 mins ago
This question came from our site for system and network administrators.
add a comment |Â
up vote
1
down vote
favorite
ASA 5540 VPN Premium license. Version 9.1(7)
asa01(config)# crypto key generate rsa label sslvpnkey
^
ERROR: % Invalid input detected at '^' marker.
It seems I'm missing options for crypto:
asa01(config)# crypto ?
configure mode commands/options:
engine Configure crypto engine
isakmp Configure ISAKMP
sh ver
output:
Cisco Adaptive Security Appliance Software Version 9.1(7) <system>
Compiled on Thu 14-Jan-16 09:37 by builders
System image file is "disk0:/asa917-k8.bin"
Config file at boot was "startup-config"
asa01 up 9 mins 24 secs
Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 2000 MHz,
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode : CNlite-MC-SSLm-PLUS-2.08
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.09
Number of accelerators: 1
0: Ext: GigabitEthernet0/0 : address is 0025.45d7.883a, irq 9
1: Ext: GigabitEthernet0/1 : address is 0025.45d7.883b, irq 9
2: Ext: GigabitEthernet0/2 : address is 0025.45d7.883c, irq 9
3: Ext: GigabitEthernet0/3 : address is 0025.45d7.883d, irq 9
4: Ext: Management0/0 : address is 0025.45d7.883e, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 5000 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Enabled perpetual
This platform has an ASA 5540 VPN Premium license.
Serial Number: ***********
Running Permanent Activation Key: ********** ********** ********** ********** **********
Configuration register is 0x1
Configuration has not been modified since last system restart.
Why am I missing options?
firewall cisco-asa
migrated from serverfault.com 38 mins ago
This question came from our site for system and network administrators.
Did it work before you installed the firmware update?
â Michael Hampton
47 mins ago
@MichaelHampton No
â Don Peat
44 mins ago
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
ASA 5540 VPN Premium license. Version 9.1(7)
asa01(config)# crypto key generate rsa label sslvpnkey
^
ERROR: % Invalid input detected at '^' marker.
It seems I'm missing options for crypto:
asa01(config)# crypto ?
configure mode commands/options:
engine Configure crypto engine
isakmp Configure ISAKMP
sh ver
output:
Cisco Adaptive Security Appliance Software Version 9.1(7) <system>
Compiled on Thu 14-Jan-16 09:37 by builders
System image file is "disk0:/asa917-k8.bin"
Config file at boot was "startup-config"
asa01 up 9 mins 24 secs
Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 2000 MHz,
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode : CNlite-MC-SSLm-PLUS-2.08
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.09
Number of accelerators: 1
0: Ext: GigabitEthernet0/0 : address is 0025.45d7.883a, irq 9
1: Ext: GigabitEthernet0/1 : address is 0025.45d7.883b, irq 9
2: Ext: GigabitEthernet0/2 : address is 0025.45d7.883c, irq 9
3: Ext: GigabitEthernet0/3 : address is 0025.45d7.883d, irq 9
4: Ext: Management0/0 : address is 0025.45d7.883e, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 5000 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Enabled perpetual
This platform has an ASA 5540 VPN Premium license.
Serial Number: ***********
Running Permanent Activation Key: ********** ********** ********** ********** **********
Configuration register is 0x1
Configuration has not been modified since last system restart.
Why am I missing options?
firewall cisco-asa
ASA 5540 VPN Premium license. Version 9.1(7)
asa01(config)# crypto key generate rsa label sslvpnkey
^
ERROR: % Invalid input detected at '^' marker.
It seems I'm missing options for crypto:
asa01(config)# crypto ?
configure mode commands/options:
engine Configure crypto engine
isakmp Configure ISAKMP
sh ver
output:
Cisco Adaptive Security Appliance Software Version 9.1(7) <system>
Compiled on Thu 14-Jan-16 09:37 by builders
System image file is "disk0:/asa917-k8.bin"
Config file at boot was "startup-config"
asa01 up 9 mins 24 secs
Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 2000 MHz,
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode : CNlite-MC-SSLm-PLUS-2.08
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.09
Number of accelerators: 1
0: Ext: GigabitEthernet0/0 : address is 0025.45d7.883a, irq 9
1: Ext: GigabitEthernet0/1 : address is 0025.45d7.883b, irq 9
2: Ext: GigabitEthernet0/2 : address is 0025.45d7.883c, irq 9
3: Ext: GigabitEthernet0/3 : address is 0025.45d7.883d, irq 9
4: Ext: Management0/0 : address is 0025.45d7.883e, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 5000 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Enabled perpetual
This platform has an ASA 5540 VPN Premium license.
Serial Number: ***********
Running Permanent Activation Key: ********** ********** ********** ********** **********
Configuration register is 0x1
Configuration has not been modified since last system restart.
Why am I missing options?
firewall cisco-asa
firewall cisco-asa
asked 58 mins ago
Don Peat
1063
1063
migrated from serverfault.com 38 mins ago
This question came from our site for system and network administrators.
migrated from serverfault.com 38 mins ago
This question came from our site for system and network administrators.
Did it work before you installed the firmware update?
â Michael Hampton
47 mins ago
@MichaelHampton No
â Don Peat
44 mins ago
add a comment |Â
Did it work before you installed the firmware update?
â Michael Hampton
47 mins ago
@MichaelHampton No
â Don Peat
44 mins ago
Did it work before you installed the firmware update?
â Michael Hampton
47 mins ago
Did it work before you installed the firmware update?
â Michael Hampton
47 mins ago
@MichaelHampton No
â Don Peat
44 mins ago
@MichaelHampton No
â Don Peat
44 mins ago
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
2
down vote
You are running a k8
firmware. Only k9
firmware has 3DES/AES enabled.
See: https://community.cisco.com/t5/firewalls/asa-5510-k8-vs-asa-5510-k9/td-p/1866381
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
You are running a k8
firmware. Only k9
firmware has 3DES/AES enabled.
See: https://community.cisco.com/t5/firewalls/asa-5510-k8-vs-asa-5510-k9/td-p/1866381
add a comment |Â
up vote
2
down vote
You are running a k8
firmware. Only k9
firmware has 3DES/AES enabled.
See: https://community.cisco.com/t5/firewalls/asa-5510-k8-vs-asa-5510-k9/td-p/1866381
add a comment |Â
up vote
2
down vote
up vote
2
down vote
You are running a k8
firmware. Only k9
firmware has 3DES/AES enabled.
See: https://community.cisco.com/t5/firewalls/asa-5510-k8-vs-asa-5510-k9/td-p/1866381
You are running a k8
firmware. Only k9
firmware has 3DES/AES enabled.
See: https://community.cisco.com/t5/firewalls/asa-5510-k8-vs-asa-5510-k9/td-p/1866381
answered 39 mins ago
Mark Henderson
280112
280112
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f54114%2fmissing-crypto-options-on-cisco-5540-firewall%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Did it work before you installed the firmware update?
â Michael Hampton
47 mins ago
@MichaelHampton No
â Don Peat
44 mins ago