Cisco Bug: CSCuq91115 - Cannot add ASA/CX into PRSM if EVAL WSE license is Expired or Deleted
Nov 27, 2020
- Cisco ASA Next-Generation Firewall Services
Known Affected Releases
Symptom: Can not add a CX module to off box PRSM if the WSE license is expired and/or deleted. Conditions: PRSM with two CX modules with AVC and IPS licenses installed and with WSE eval license. the WSE license is expired and not using any of the WSE features so deleted the WSE license. Have installed permanent AVC and IPS licenses. Adding the 3rd CX will have issues. PRSM will complain about requirement of WSE license. Here is the message: "This device is using some licensed features, but you do not have sufficient valid, unused, non-evaluation licenses to complete the import. Required missing licenses are: Web Security Essentials license. Please upload licenses to PRSM and try adding the device again." Issue seems to be that there is a built-in "Default web reputation profile" object which cannot be deleted. It appears this is used in the "Malware Protection Configuration". Unless we get a new WSE eval license, can not add another CX to PRSM.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases