Obtain and Apply Virtual Licenses for vESA, vWSA, and vSMA

Available Languages

Download Options

  • PDF     (35.7 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (83.5 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (71.0 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:May 22, 2026
Document ID:118301

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Introduction

This document describes best practices for obtaining and applying virtual licenses for vESA, vWSA, and vSMA.

Prerequisites and Important Considerations

  • You must have a Cisco.com account associated with an active Cisco contract, and a fully licensed Cisco Email Security Appliance (ESA), Web Security Appliance (WSA), or Security Management Appliance (SMA) appliance covered by that contract.
  • Read and understand the Cisco Content Security Virtual Appliance Installation Guide.
  • Ensure the Virtual Email Security Appliance (vESA), Virtual Web Security Appliance (vWSA), or Virtual Security Management Appliance (vSMA) is installed in your virtual environment, the System Setup Wizard is completed, and you have issued the saveconfig command from the CLI.
  • For licensing issues, select Help in the License Registration Portal.

Background Information

References to the virtual appliances may vary as VESA, vESA, ESAV (for ESA), VWSA, vWSA, WSAV (for WSA), and VSMA, vSMA, SMAV (for SMA). These acronyms are interchangeable and commonly used in Cisco documentation.

If you have not yet downloaded the virtual appliance, use these links:

Request and Install Virtual Appliance Licenses

Before you configure your vESA, vWSA, or vSMA, you must request and install a virtual appliance license file.

Obtain a Virtual License Number (VLN)

The Virtual License Number (VLN) is required to activate your virtual appliance. In addition, you need:

  • Your Cisco.com account credentials
  • Activation keys from your ESA, WSA, or SMA (if applicable)

If you do not have a Cisco.com account, register here.

If you share a current license, use the email address originally registered for the device. Assistance is available through Cisco Global License Operations (GLO): Phone: 1-800-553-2447 (option 3), or email: licensing@cisco.com.

Request a Demo License for a Virtual Appliance

  1. Access the Cisco Software Central and login with your Cisco credentials.
  2. Navigate to Traditional Licenses >> Access LRP >> Licenses.
  3. From the Get Licenses drop-down menu, select Demo and evaluation.
  4. Select Security Products and then Cisco Email/Web/Content Security Virtual Demo License as the product.
  5. Choose one of the demo licenses as appropriate:
    • Cisco Email Security Appliance (ESA) Virtual Appliance 45-Day Demo License
    • Cisco Web Security Appliance (WSA) Virtual Appliance 45-Day Demo License
    • Cisco Content Security Management Appliance (SMA) Virtual Appliance 45-Day Demo License
  6. Click Next.
  7. If you have a Virtual Account for Smart Account, select it from the drop-down menu. Otherwise, continue.
  8. Leave default choices for Demo license for... Virtual Appliance and validity date.
  9. For SN / Virtual Device Identifier, you can enter your current licensed appliance's serial number, or leave it blank and click Next.
  10. Review the Send To and End User fields, accept the EULA, and add additional recipients if necessary.
  11. Click Submit to finalize the demo license request.
  12. Monitor the provided email address for the demo license file (typically received within three hours).
note-icon

Note: The virtual license file is sent in XML format.

Share a Permanent Hardware License to a Virtual License

  1. Access the Cisco Software Central and log in with your Cisco credentials.
  2. Navigate to Traditional Licenses >> Access LRP >> Licenses.
  3. From Move Licenses, choose Share License.
  4. Select Get Activation Codes.
  5. In the pop-up, choose IronPort Product - SW Bundles (for bundles) or IronPort Product - TC (for individual products).
  6. Enter a current ESA/WSA/SMA serial number in the Source Serial Number/Virtual Device Identifier field. Select a source appliance with the licenses you wish to enable on your virtual appliance.
  7. For Select Destination Appliance Type, select Virtual.
  8. Leave the Target Serial Number/Virtual Device Identifier field blank.
  9. Provide the email address to receive the activation code.
  10. Click Request Code.
  11. After receiving the activation code by email, go through steps 3 and 4 above, then select Use Activation Codes when prompted, and enter the code.
  12. Choose the Cisco ESA/WSA software SKUs to embed, then click Next.
  13. Enter the email address for license delivery, then click Get License.
note-icon

Note: The virtual license file is emailed in XML format, typically within three hours.

Load the Virtual License onto the Appliance

Once you have received the XML license file, load it onto your appliance using the CLI:

  • Run the loadlicense command.
  • Select Paste via CLI.
  • After entering the license, press CTRL-D to finish.
  • Accept the End User License Agreement (EULA) by entering Y when prompted.
tip-icon

Tip: Always open the XML file with a text editor such as Notepad++. Avoid opening the file in a web browser, because this can introduce formatting issues and result in the error "Malformed license: Invalid XML, could not parse." If you encounter this error, reload the XML file using a proper text editor.

Paste via CLI

esa.example.com> loadlicense
1. Paste via CLI
2. Load from file
How would you like to load a license file?
[1]> 1
Paste the license file now.
Press CTRL-D on a blank line when done.
<?xml version="1.0"?>
<Envelope xmlns="urn:envelope">
  <data>
    <License>
      <info>
        <company>
          Cisco
        </company>
        ...
      </info>
    </License>
  </data>
</Envelope>
^D
Do you accept the above license agreement? []> Y

Verify License Installation

After loading the license, verify the installation and feature activation.

Use the showlicense command to view the VLN and license validity details. Use the featurekey command to review active feature keys after the license application.

(Machine esa.example.com)> showlicense

Virtual License
===============
vln VLNESA1234567
begin_date Tue Dec 02 00:00:00 2025 GMT
end_date Sun Sep 12 00:00:00 9999 GMT
company Cisco
seats 100
serial 62F3DF2
email user@example.com
issue 386e4815d04c467088bb0882e2a0e5ff
license_version 1.1
note-icon

Note: Feature keys expire at the same time as the license, regardless of activation status. To obtain new feature keys, download and install a new virtual appliance license file as described in the Cisco Content Security Virtual Appliance Installation Guide.

Related Information

Revision History

Revision Publish Date Comments
5.0
22-May-2026
Updated the Introduction section due to character limit, added full acronym of the ESA/vESA, WSA/vWSA, and SMA/vSMA under Prerequisites.
4.0
21-Feb-2026
Re-written using updated process.
3.0
14-Feb-2023
Updated Title, Introduction, SEO, Style Requirements, Machine Translation, Gerunds and Formatting to comply with current guidelines.
1.0
15-Aug-2014
Initial Release
TAC Authored

Contributed by Cisco Engineers

  • Dennis McCabe Jr
    Cisco Technical Leader
  • Robert Sherwin
    Cisco Technical Leader

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products