My Network Lab: Activating Software License on a Cisco 1900 ISR G2 Router

I needed to configure my Cisco 1921 lab router for Site-to-Site IPsec VPN with a Cisco FTD but I don't have the Security license installed. So I just activated the 60-day Evaluation license instead. Here's a good Cisco link about Cisco ISR G2 and 4K router software packages and licenses.

License Types Available on the ISR G2

Permanent Licenses

Permanent licenses are valid for the life of the device on which it is installed. Some examples of permanent licenses are IOS Technology Packages (IPB, UC, SEC, DATA), Feature Licenses such as SSL VPN etc.

Temporary Licenses

Temporary licenses are used for evaluating new capabilities or in emergency situations. A temporary license allows a feature set to be used for 60 days of actual usage. When the 60-day period expires, the device will continue to operate normally until reloaded. After the reload, the device will default to the original functionality before the temporary license was enabled. Only actual time that the temporary license is enabled counts towards the 60 day limit. The Cisco Technical Assistance Center (TAC) can provide an extension license for longer trials or other circumstances.

Feature Licenses

Some individual features can be enabled or disabled by license keys. These features check for their licenses before enabling themselves. A feature license will typically have a prerequisite before it will function such as a requirement for a Universal Communication license before a CUBE feature license will function. Some examples of feature licenses are CME, CUBE etc.

There are two types of Feature licenses:

Software Activation Feature Licenses

These are typically upgrades to one or more technology Package Licenses and can be included on new routers or upgraded through Cisco Software Activation. These licenses are enforced through Cisco Software Licensing framework.

Right to Use Feature Licenses

These licenses follow the traditional licensing model and do not use Cisco Software Activation. They can be ordered when the router is initially purchased or at a later date.

Subscription Licenses

Subscription licenses are time-based licenses that require the subscriber to periodically renew or the license will expire after an agreed-upon time. Some examples of Subscription license are URL Filtering and IPS.

Counted Licenses

Feature licenses can be either uncounted licenses or counted licenses. Uncounted licenses do not have any count and simply enable the unrestricted feature on the router when activated. Counted licenses enable a defined number of uses e.g. CME User Licenses

You can verify the router's software package and features either using the show version and show license CLI commands.

Router#show version

Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Compiled Tue 20-Mar-12 17:58 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M15, RELEASE SOFTWARE (fc1)

Router uptime is 2 minutes

System returned to ROM by power-on

System restarted at 10:03:01 UTC Wed Aug 7 2019

System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"

Last reload type: Normal Reload

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco CISCO1921/K9 (revision 1.0) with 487424K/36864K bytes of memory.

Processor board ID FGL16312ABC

2 Gigabit Ethernet interfaces

1 Serial(sync/async) interface

1 terminal line

DRAM configuration is 64 bits wide with parity disabled.

255K bytes of non-volatile configuration memory.

249840K bytes of USB Flash usbflash0 (Read/Write)

License Info:

License UDI:

-------------------------------------------------

Device# PID SN

-------------------------------------------------

*0 CISCO1921/K9 FGL16312ABC

Technology Package License Information for Module:'c1900'

-----------------------------------------------------------------

Technology Technology-package Technology-package

Current Type Next reboot

------------------------------------------------------------------

ipbase ipbasek9 Permanent ipbasek9

security None None None

data None None None

Configuration register is 0x2102

Router#show crypto

% Incomplete command. // UNABLE TO ISSUE CRYPTO RELATED COMMANDS

Router#show license

Index 1 Feature: ipbasek9

Period left: Life time

License Type: Permanent

License State: Active, In Use

License Count: Non-Counted

License Priority: Medium

Index 2 Feature: securityk9

Period left: Not Activated

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Not in Use, EULA not accepted

License Count: Non-Counted

License Priority: None

Index 3 Feature: datak9

Period left: Not Activated

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Not in Use, EULA not accepted

License Count: Non-Counted

License Priority: None

Index 4 Feature: SSL_VPN

Period left: Not Activated

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Not in Use, EULA not accepted

License Count: 0/0 (In-use/Violation)

License Priority: None

Index 5 Feature: ios-ips-update

Period left: Not Activated

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Not in Use, EULA not accepted

License Count: Non-Counted

License Priority: None

Index 6 Feature: WAAS_Express

Period left: Not Activated

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Not in Use, EULA not accepted

License Count: Non-Counted

License Priority: None

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#license ?

accept Accept all further License Agreements

agent Configure LIC_AGENT

boot license boot config commands

call-home license call-home config commands

Router(config)#license boot ?

module which module to boot

Router(config)#license boot module ?

c1900 license boot module for c1900

Router(config)#license boot module c1900 ?

technology-package product technology group

Router(config)#license boot module c1900 technology-package ?

datak9 data technology

securityk9 security technology

Router(config)#license boot module c1900 technology-package securityk9 ?

disable disable the technology

<cr>

Router(config)#license boot module c1900 technology-package securityk9

PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR

LICENSE KEY PROVIDED FOR ANY CISCO PRODUCT FEATURE OR USING SUCH

PRODUCT FEATURE CONSTITUTES YOUR FULL ACCEPTANCE OF THE FOLLOWING

TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT WILLING TO BE BOUND

BY ALL THE TERMS SET FORTH HEREIN.

Use of this product feature requires an additional license from Cisco,

together with an additional payment. You may use this product feature

on an evaluation basis, without payment to Cisco, for 60 days. Your use

of the product, including during the 60 day evaluation period, is

subject to the Cisco end user license agreement

http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html

If you use the product feature beyond the 60 day evaluation period, you

must submit the appropriate payment to Cisco for the license. After the

60 day evaluation period, your use of the product feature will be

governed solely by the Cisco end user license agreement (link above),

together with any supplements relating to such product feature. The

above applies even if the evaluation license is not automatically

terminated and you do not receive any notice of the expiration of the

evaluation period. It is your responsibility to determine when the

evaluation period is complete and you are required to make payment to

Cisco for your use of the product feature beyond the evaluation period.

Your acceptance of this agreement for the software features on one

product shall be deemed your acceptance with respect to all such

software on all Cisco products you purchase which includes the same

software. (The foregoing notwithstanding, you must purchase a license

for each software feature you use past the 60 days evaluation period,

so that if you enable a software feature on 1000 devices, you must

purchase 1000 licenses for use past the 60 day evaluation period.)

Activation of the software command line interface will be evidence of

your acceptance of this agreement.

ACCEPT? [yes/no]: yes

% use 'write' command to make license boot config take effect on next boot

Router(config)#

Aug 7 10:09:24.559: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c1900 Next reboot level = securityk9 and License = securityk9

Aug 7 10:09:24.955: %LICENSE-6-EULA_ACCEPTED: EULA for feature securityk9 1.0 has been accepted. UDI=CISCO1921/K9:FGL163126BV; StoreIndex=0:Built-In License Storage

Router(config)#end

Router#

Aug 7 10:09:33.315: %SYS-5-CONFIG_I: Configured from console by console

Router#write

Building configuration...

[OK]

Router#show version

Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Compiled Tue 20-Mar-12 17:58 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M15, RELEASE SOFTWARE (fc1)

Router uptime is 6 minutes