KB ID 0001530
Problem
Cisco have done this for a while, the first time I saw it was years ago on a 5585, but all the NGFW models now have a ‘Serial Number” and a “Chassis Serial Number”. Normally you don’t care unless you need to log a TAC call online. So you issue a show version command, take a note of the serial number, and then it says, there’s no record of that serial number?
Solution
Just to be clear
SmartNets are registered to the Chassis Serial Number, this is NOT the serial number shown with a ‘show version‘ command.
Software (e.g. AnyConnect) is licensed to the Serial Number that IS shown with a ‘show version‘ command.
As a general rule, Cisco ASA chassis serial numbers start with JMX, and the serial numbers start with JAD.
How to Locate the Cisco ASA ‘Chassis Serial Number’
Well it’s printed on the chassis of course, but if it’s in a rack or a thousand miles away, that’s not much help! To get it remotely you use the ‘show inventory’ command;
[box]
Petes-ASA# show inventory
Name: "Chassis", DESCR: "ASA 5516-X with FirePOWER services, 8GE, AC, DES"
PID: ASA5516 , VID: V05 , SN: JMX1234ABCD
Name: "Storage Device 1", DESCR: "ASA 5516-X SSD"
PID: ASA5516-SSD , VID: N/A , SN: MSA21470XXX
Petes-ASA#
[/box]
How to Locate the Cisco ASA ‘Serial Number’
Same as with the old 5500 series firewalls, (and the PIX) use a show version command.
[box]
Petes-ASA# show version
Cisco Adaptive Security Appliance Software Version 9.8(2)24
Firepower Extensible Operating System Version 2.2(2.75)
Device Manager Version 7.8(2)151
Compiled on Thu 01-Mar-18 20:21 PST by builders
System image file is "disk0:/asa982-24-lfbff-k8.SPA"
Config file at boot was "startup-config"
Petes-ASA up 146 days 1 hour
failover cluster up 146 days 1 hour
Hardware: ASA5516, 8192 MB RAM, CPU Atom C2000 series 2416 MHz, 1 CPU (8 cores)
Internal ATA Compact Flash, 8000MB
BIOS Flash M25P64 @ 0xfed01000, 16384KB
Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
Number of accelerators: 1
1: Ext: GigabitEthernet1/1 : address is 00a7.42e1.6ed6, irq 255
2: Ext: GigabitEthernet1/2 : address is 00a7.42e1.6ed7, irq 255
3: Ext: GigabitEthernet1/3 : address is 00a7.42e1.6ed8, irq 255
4: Ext: GigabitEthernet1/4 : address is 00a7.42e1.6ed9, irq 255
5: Ext: GigabitEthernet1/5 : address is 00a7.42e1.6eda, irq 255
6: Ext: GigabitEthernet1/6 : address is 00a7.42e1.6edb, irq 255
7: Ext: GigabitEthernet1/7 : address is 00a7.42e1.6edc, irq 255
8: Ext: GigabitEthernet1/8 : address is 00a7.42e1.6edd, irq 255
9: Int: Internal-Data1/1 : address is 00a7.42e1.6ed5, irq 255
10: Int: Internal-Data1/2 : address is 0000.0001.0002, irq 0
11: Int: Internal-Control1/1 : address is 0000.0001.0001, irq 0
12: Int: Internal-Data1/3 : address is 0000.0001.0003, irq 0
13: Ext: Management1/1 : address is 00a7.42e1.6ed5, irq 0
14: Int: Internal-Data1/4 : address is 0000.0100.0001, irq 0
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 300 perpetual
Total VPN Peers : 300 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 1000 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Enabled perpetual
Cluster Members : 2 perpetual
VPN Load Balancing : Enabled perpetual
Failover cluster licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 4 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 8 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 300 perpetual
Total VPN Peers : 300 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 1000 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Enabled perpetual
VPN Load Balancing : Enabled perpetual
The Running Activation Key feature: 2000 TLS Proxy sessions exceed the limit on the platform, reduced to 1000 TLS Proxy sessions.
Serial Number: JAD1234ABCD
Running Permanent Activation Key: 0x0037exxx 0x482ffyyy 0x04718yyy 0xaad48xxx 0x49343xxx
Configuration register is 0x1
Image type : Release
Key Version : A
Configuration last modified by PeteLong at 13:50:02.750 GMT Tue Mar 26 2019
Petes-ASA#
[/box]
Related Articles, References, Credits, or External Links
NA