Obtain and Apply Virtual Licenses for vESA, vWSA, and vSMA

Available Languages

Download Options

  • PDF     (35.3 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (83.5 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (70.9 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:February 21, 2026
Document ID:118301

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes best practices for obtaining and applying virtual licenses for virtual Email Security Appliance (vESA), virtual Web Security Appliance (vWSA), and virtual Security Management Appliance (vSMA).

    Prerequisites and Important Considerations

    • You must have a Cisco.com account associated with an active Cisco contract, and a fully licensed Cisco ESA, WSA, or SMA appliance covered by that contract.
    • Read and understand the Cisco Content Security Virtual Appliance Installation Guide.
    • Ensure the vESA, vWSA, or vSMA is installed in your virtual environment, the System Setup Wizard is completed, and you have issued the saveconfig command from the CLI.
    • For licensing issues, select Help in the License Registration Portal.

    Background Information

    References to the virtual appliances may vary as VESA, vESA, ESAV (for ESA), VWSA, vWSA, WSAV (for WSA), and VSMA, vSMA, SMAV (for SMA). These acronyms are interchangeable and commonly used in Cisco documentation.

    If you have not yet downloaded the virtual appliance, use these links:

    Request and Install Virtual Appliance Licenses

    Before you configure your vESA, vWSA, or vSMA, you must request and install a virtual appliance license file.

    Obtain a Virtual License Number (VLN)

    The Virtual License Number (VLN) is required to activate your virtual appliance. In addition, you need:

    • Your Cisco.com account credentials
    • Activation keys from your ESA, WSA, or SMA (if applicable)

    If you do not have a Cisco.com account, register here.

    If you share a current license, use the email address originally registered for the device. Assistance is available through Cisco Global License Operations (GLO): Phone: 1-800-553-2447 (option 3), or email: licensing@cisco.com.

    Request a Demo License for a Virtual Appliance

    1. Access the Cisco Software Central and login with your Cisco credentials.
    2. Navigate to Traditional Licenses >> Access LRP >> Licenses.
    3. From the Get Licenses drop-down, select Demo and evaluation.
    4. Select Security Products and then Cisco Email/Web/Content Security Virtual Demo License as the product.
    5. Choose one of the demo licenses as appropriate:
      • Cisco Email Security Appliance (ESA) Virtual Appliance 45-Day Demo License
      • Cisco Web Security Appliance (WSA) Virtual Appliance 45-Day Demo License
      • Cisco Content Security Management Appliance (SMA) Virtual Appliance 45-Day Demo License
    6. Click Next.
    7. If you have a Virtual Account for Smart Account, select it from the drop-down. Otherwise, continue.
    8. Leave default choices for Demo license for... Virtual Appliance and validity date.
    9. For SN / Virtual Device Identifier, you can enter your current licensed appliance's serial number, or leave it blank and click Next.
    10. Review the Send To and End User fields, accept the EULA, and add additional recipients if necessary.
    11. Click Submit to finalize the demo license request.
    12. Monitor the provided email address for the demo license file (typically received within three hours).
    note-icon

    Note: The virtual license file is sent in XML format.

    Share a Permanent Hardware License to a Virtual License

    1. Access the Cisco Software Central and login with your Cisco credentials.
    2. Navigate to Traditional Licenses >> Access LRP >> Licenses.
    3. From Move Licenses, choose Share License.
    4. Select Get Activation Codes.
    5. In the pop-up, choose IronPort Product - SW Bundles (for bundles) or IronPort Product - TC (for individual products).
    6. Enter a current ESA/WSA/SMA serial number in the Source Serial Number/Virtual Device Identifier field. Select a source appliance with the licenses you wish to enable on your virtual appliance.
    7. For Select Destination Appliance Type, select Virtual.
    8. Leave the Target Serial Number/Virtual Device Identifier field blank.
    9. Provide the email address to receive the activation code.
    10. Click Request Code.
    11. After receiving the activation code by email, go through steps 3 and 4 above, then select Use Activation Codes when prompted, and enter the code.
    12. Choose the Cisco ESA/WSA software SKUs to embed, then click Next.
    13. Enter the email address for license delivery, then click Get License.
    note-icon

    Note: The virtual license file is emailed in XML format, typically within three hours.

    Load the Virtual License onto the Appliance

    Once you have received the XML license file, load it onto your appliance using the CLI:

    • Run the loadlicense command.
    • Select Paste via CLI.
    • After entering the license, press CTRL-D to finish.
    • Accept the End User License Agreement (EULA) by entering Y when prompted.
    tip-icon

    Tip: Always open the XML file with a text editor such as Notepad++. Avoid opening the file in a web browser, because this can introduce formatting issues and result in the error "Malformed license: Invalid XML, could not parse." If you encounter this error, reload the XML file using a proper text editor.

    Paste via CLI

    esa.example.com> loadlicense
1. Paste via CLI
2. Load from file
How would you like to load a license file?
[1]> 1
Paste the license file now.
Press CTRL-D on a blank line when done.
<?xml version="1.0"?>
<Envelope xmlns="urn:envelope">
  <data>
    <License>
      <info>
        <company>
          Cisco
        </company>
        ...
      </info>
    </License>
  </data>
</Envelope>
^D
Do you accept the above license agreement? []> Y

    Verify License Installation

    After loading the license, verify installation and feature activation.

    Use the showlicense command to view the VLN and license validity details. Use the featurekey command to review active feature keys after license application.

    (Machine esa.example.com)> showlicense

Virtual License
===============
vln VLNESA1234567
begin_date Tue Dec 02 00:00:00 2025 GMT
end_date Sun Sep 12 00:00:00 9999 GMT
company Cisco
seats 100
serial 62F3DF2
email user@example.com
issue 386e4815d04c467088bb0882e2a0e5ff
license_version 1.1
    note-icon

    Note: Feature keys expire at the same time as the license, regardless of activation status. To obtain new feature keys, download and install a new virtual appliance license file as described in the Cisco Content Security Virtual Appliance Installation Guide.

    Related Information

    Revision History

    Revision Publish Date Comments
    4.0
    21-Feb-2026
    Re-written using updated process.
    3.0
    14-Feb-2023
    Updated Title, Introduction, SEO, Style Requirements, Machine Translation, Gerunds and Formatting to comply with current guidelines.
    1.0
    15-Aug-2014
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Dennis McCabe Jr
      Cisco Technical Leader
    • Robert Sherwin
      Cisco Technical Leader

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products