When do you need to buy a license for your Cisco router? Some people may be not clear about the Cisco licensing. So in this article we will talk about Cisco router license. First of all, let’s share a problem raised by a Cisco 2911 user: “I have a 2911 router. I want to apply IP SLA command but there is none.
My router version as below:
Technology Package License Information for Module:’c2900′
—————————————————————–
Technology Technology-package Technology-package
Current Type Next reboot
——————————————————————
ipbase ipbasek9 Permanent ipbasek9
security None None None
uc None None None
data None None None
And he wants to know that whether he needs to purchase a license for his Cisco 2911 router, and whether he need this one ( L-SL-29-APP-K9= ) AppX License with; DATA and WAAS for the Cisco 2900 Series.
Actually, it seems that he needs a SEC, DATA or UC license and that IP BASE is not enough. APP is one of the possible licenses. Perhaps SEC gives him more possibilities to use the router.
Wanna know the feature licenses on Cisco ISR G2? Okay, let’s read the following information of Cisco ISR G2 Licensing and Packaging.
There are two versions of universal images supported on the next generation ISRs.
1. Universal images with the “universalk9” designation in the image name: This universal image offers all the Cisco IOS features including strong crypto features such as VPN payload, Secure UC etc.
2. Universal images with the universalk9_npe” designation in the image name: The robust licensing encryption solution provided by Cisco Software Activation satisfies requirements for the export of encryption capabilities. However, some countries have import requirements that require that the device does not support any strong crypto functionality such as VPN payload etc. in any form. To satisfy the import requirements of those countries, this universal image does not support any strong payload encryption such as VPN payload, secure voice etc. This image supports threat defense features through SECNPE-K9 license.
Unique Device Identifier (UDI)
The Unique Device Identifier is made up of two components: the Product ID (PID) and Serial Number (SN). Serial Number is an 11 digit number which uniquely identifies a device. The Product ID identifies the type of device. This information can be found using the “show license UDI” command on the router CLI. This information is also present on a pull-out label tray found on the device. You may have to remove “V01” that follows the PID. e.g. use only “CISCO2921/K9”, instead of “CISCO2921/K9 V01”.
Software Activation License (SAL)
A Software Activation License is provided by Cisco by specifying the Product Id, Serial Number of the device and the Product Activation Key (PAK). i.e. Product ID + Serial Number+PAK=Software Activation License. New devices are shipped with Software Activation License pre-installed for features ordered with the router. New functionality can be enabled with a new SAL. A Software Activation License (SAL) enables specific functionality e.g. DATA technology package license enables DATA technology functionality in the IOS Universal image. Each SAL is unique to a particular device and cannot be used on a different device. A technology package or feature set is purchased via a “Product Activation Key” (PAK).
License Types Available on the ISR G2
Permanent licenses are valid for the life of the device on which it is installed. Some examples of permanent licenses are IOS Technology Packages (IPB, UC, SEC, DATA), Feature Licenses such as SSL VPN etc.
Temporary licenses are used for evaluating new capabilities or in emergency situations. A temporary license allows a feature set to be used for 60 days of actual usage. When the 60-day period expires, the device will continue to operate normally until reloaded. After the reload, the device will default to the original functionality before the temporary license was enabled. Only actual time that the temporary license is enabled counts towards the 60 day limit. The Cisco Technical Assistance Center (TAC) can provide an extension license for longer trials or other circumstances.
Feature Licenses: Some individual features can be enabled or disabled by license keys. These features check for their licenses before enabling themselves. A feature license will typically have a prerequisite before it will function such as a requirement for a Universal Communication license before a CUBE feature license will function. Some examples of feature licenses are CME, CUBE etc.
There are two types of Feature licenses.
Software Activation Feature Licenses: These are typically upgrades to one or more technology Package Licenses and can be included on new routers or upgraded through Cisco Software Activation. These licenses are enforced through Cisco Software Licensing framework.
Right to Use Feature Licenses: These licenses follow the traditional licensing model and do not use Cisco Software Activation. They can be ordered when the router is initially purchased or at a later date.
Subscription licenses are time-based licenses that require the subscriber to periodically renew or the license will expire after an agreed-upon time. Some examples of Subscription license are URL Filtering and IPS.
Feature licenses can be either uncounted licenses or counted licenses. Uncounted licenses do not have any count and simply enable the unrestricted feature on the router when activated. Counted licenses enable a defined number of uses e.g. CME User Licenses
Universal IOS Packaging Overview
The Cisco ISR 1900, 2900 and 3900 Series adopt the Universal IOS image model enabling customers to future proof their networks. This revolutionary software module offers a simplified choice of software technology packages providing operational efficiencies and reduced test cycles to enable faster deployment of services. Unlocking of feature sets in the universal image is supported by using Cisco Software license keys.
The simplified packaging model will simplify Software Management through four IOS enforceable technology package licenses that enable full suite of IOS software functionality. IOS technology package upgrades can be done by enabling a new license key, reducing the need for truck-rolls to remote offices. The model supports the “pay as you grow” model by allowing purchase of upgrade as you need via Cisco Software Licensing.
The Universal IOS image is loaded by Cisco manufacturing on all shipped routers. IOS Universal Image contains all IOS features. Feature sets in the universal image are unlocked using licensing keys i.e. the level of IOS functionality available is determined by the license applied to the device. A new license only needs to be applied to upgrade IOS functionality on the router .Maintenance upgrades of IOS i.e. moving from one IOS universal image version to another does not require a new licensing key. Reboot of router is also licensing transparent.
IOS Packaging Model for 1900, 2900 and 3900 ISRs
Each device ships with Universal image. IPBase, DATA, UC (Unified Communications) and SEC (Security) technology packages are enabled in the universal image via Cisco Software Activation licensing keys. Each licensing Key is unique to a particular device and is obtained from Cisco by providing the product ID and serial number of the router and a Product Activation Key (PAK), which is provided by Cisco at time of Software purchase. Cisco installs license key(s) for software specified at time of initial router purchase.
On each shipped device IP Base software activation key is installed by default. Additional keys are installed by manufacturing depending on the customer order.
The details of each technology package license can be found in the table below. The new ISR routers also offer Software Activation feature license and Right to Use Feature licenses. The Software Activation feature licenses use the same Software Activation model as the Technology package licenses, while Right to Use Feature licenses are not enforced. Feature licenses work in conjunction with technology package licenses e.g. SSLVPN feature license requires SEC technology package license.
| Technology Package | Details | Software Activation Feature Licenses | Right to Use Feature Licenses |
| IPBaseK9 | Offers features found in IPBase IOS image on ISR 1800,2800 and 3800 + Flexible Netflow + IPV6 parity for IPV4 features present in IPBase. Some of the key feature are AAA BGP, OSPF, EIGRP, ISIS, RIP PBR IGMP, Multicast DHCP HSRP, GLBP NHRP HTTP HQF QoS ACL, NBAR GRE CDP, ARP NTP PPP PPPoA PPPoE RADIUS TACACS SCTP SMDS SNMP STP VLAN DTP IGMP Snooping SPAN WCCP ISDN ADSL over ISDN NAT-Basic X.25, RSVP, NTP, Flexible Netflow etc. | None | None |
| SECK9 | Offers the security features found in Advanced Security IOS image on ISR 1800,2800 and 3800 e.g. IKE v1 / IPsec / PKI, IPsec/GRE, Easy VPN w/ DVTI, DMVPN, Static VTI, Firewall, Network Foundation Protection,GETVPN etc. | SSLVPN (counted)
Intrusion Prevention (Subscription) Content Filtering (Subscription) |
None |
| UC | Offers the UC Features found in IPVoice IOS image on ISR 1800,2800 and 3800 e.g. TDM/PSTN Gateway, Video Gateway[H320/324],Voice Conferencing, Codec Transcoding, RSVP Agent (voice), FAX T.37/38, CAC/QOS, Hoot-n-Holler etc. | Gatekeeper | Land Mobile Radio
CME: Voice & Video (counted) SRST: Voice & Video (Counted) VXML/IVR Gateway (Counted) CUBE [IPIP Gateway] (Counted) |
| DATA | Data features found in SP Services and Enterprise Services IOS image on ISR 1800,2800 and 3800 e.g. MPLS, BFD, RSVP ,L2VPN, L2TPv3 ,Layer 2 Local Switching , Mobile IP, Multicast Authentication,FHRP-GLBP ,IP SLAs, PfR ,DECnet, RSRB, BIP, DLSw+, FRAS, Token Ring ,ISL, IPX ,STUN, SNTP, SDLC, QLLC etc. | SNA Switching | None |
Migration to Simplified packaging on Next Generation ISRs
| IOS Reformation Packaging | Suggested Transition |
| IPBase | IPBase |
| IP Voice | UC |
| Enterprise Base | DATA |
| Enterprise Services | DATA + UC |
| SP Services | DATA + UC (for feature parity and Enterprise Features) |
| Advanced Security | SEC |
| Advanced IP Services | SEC+ UC +DATA (for feature parity and Enterprise Features) |
| Advanced Enterprise Services | SEC+ UC + DATA |
Reference from https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/software-activation-on-integrated-services-routers-isr/white_paper_c11_556985.html
More Related to Cisco Licenses
