Saturday, September 3, 2016

Retrieving the Serial Number on a Standby ASA Fireawall (via failover exec)

I was trying to get the serial number of a standby ASA firewall and instead of asking a remote tech to get the chassis serial number, I issued the failover exec command on the Primary ASA firewall to do show commands and get info for the Secondary ASA firewall.

ASA01/pri/act/admin# failover ?

  exec  Execute command on the designated unit
ASA01/pri/act/admin# failover exec ?

  active   Execute command on the active unit
  mate     Execute command on the peer unit
  standby  Execute command on the standby unit
ASA01/pri/act/admin# failover exec standby ?

  LINE  Command String
ASA01/pri/act/admin# failover exec standby show inventory   // SERIAL NUMBER FROM show inventory IS USED FOR SMARTNET
Name: "Chassis", DESCR: "ASA 5525-X with SW, 8 GE Data, 1 GE Mgmt, AC"
PID: ASA5525           , VID: V04     , SN: FGL19514123

ASA01/pri/act/admin# failover exec standby show interface ip brief
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         20.7.2.12   YES manual up                    up 
GigabitEthernet0/1.400     172.27.24.5     YES manual up                    up 
Management0/0              unassigned      YES unset  down                  down

ASA01/pri/act/admin# failover exec standby show version

Cisco Adaptive Security Appliance Software Version 9.4(2)11 <context>
Device Manager Version 7.1(3)

Compiled on Mon 22-Feb-16 22:54 PST by builders

ASA01 up 107 days 22 hours
failover cluster up 108 days 13 hours

Hardware:   ASA5525, 8192 MB RAM, CPU Lynnfield 2394 MHz, 1 CPU (4 cores)
            ASA: 4096 MB RAM, 1 CPU (1 core)
Internal ATA Compact Flash, 8192MB
BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB

Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
                             Boot microcode        : CNPx-MC-BOOT-2.00
                             SSL/IKE microcode     : CNPx-MC-SSL-SB-PLUS-0005
                             IPSec microcode       : CNPx-MC-IPSEC-MAIN-0026
                             Number of accelerators: 1
Baseboard Management Controller (revision 0x1) Firmware Version: 2.4


 0: Int: Internal-Data0/0    : address is 00fe.c8e5.10ac, irq 11
 1: Ext: GigabitEthernet0/0  : address is 00fe.c8e5.10b1, irq 5
 2: Ext: GigabitEthernet0/1  : address is 00fe.c8e5.10ad, irq 5
 3: Ext: GigabitEthernet0/2  : address is 00fe.c8e5.10b2, irq 10
 4: Ext: GigabitEthernet0/3  : address is 00fe.c8e5.10ae, irq 10
 5: Ext: GigabitEthernet0/4  : address is 00fe.c8e5.10b3, irq 5
 6: Ext: GigabitEthernet0/5  : address is 00fe.c8e5.10af, irq 5
 7: Ext: GigabitEthernet0/6  : address is 00fe.c8e5.10b4, irq 10
 8: Ext: GigabitEthernet0/7  : address is 00fe.c8e5.10b0, irq 10
 9: Int: Internal-Data0/1    : address is 0000.0001.0002, irq 0
10: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 0
11: Int: Internal-Data0/2    : address is 0000.0001.0003, irq 0
12: Ext: Management0/0       : address is 00fe.c8e5.10ac, irq 0

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 200            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Security Contexts                 : 10             perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 750            perpetual
Total VPN Peers                   : 750            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
IPS Module                        : Disabled       perpetual
Cluster                           : Enabled        perpetual
Cluster Members                   : 2              perpetual

This platform has an ASA5525 VPN Premium license.


Failover cluster licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 200            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Security Contexts                 : 20             perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 4              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 750            perpetual
Total VPN Peers                   : 750            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
Total UC Proxy Sessions           : 4              perpetual
Botnet Traffic Filter             : Disabled       perpetual
IPS Module                        : Disabled       perpetual
Cluster                           : Enabled        perpetual

This platform has an ASA5525 VPN Premium license.

Serial Number: FCH19497ABC    SERIAL NUMBER FROM show version IS USED FOR ASA FEATURE LICENSING (AnyConnect, security context, UC phone proxy, etc.)
Running Permanent Activation Key: 0xd02ad148 0xf05363e7 0x5563850c 0xc6d844bc 0x401fdxyz
Configuration register is 0x1

Image type          : Release
Key version         : A

Configuration last modified by admin at 18:08:36.255 UTC Thu Jun 30 2016

No comments:

Post a Comment