Jon Marshall Fri, 11/30/2007 - 01:24
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


If you are looking to terminate L2L tunnels/remote access vpn's and firewall all on the same device then you are much better going for the ASA device.


To do this on the 6500 you would need a separate Firewall Service Module and then a VPN module/card as the FWSM cannot terminate L2L/remote access vpn's.


HTH


Jon

jackeline Fri, 11/30/2007 - 05:03
User Badges:

Hi Jon,

Thanks for your help, but the reason that I am interested in the switch is that in the network there are a lot of servers that need to be acces by the L2l and the remote VPN users. In this case I think the ASA would a bottle neck,

What do you think??

Jon Marshall Fri, 11/30/2007 - 07:47
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


It depends on how much bandwidth is aggregated from our remote sites and the Internet.


Certainly if you needed 5Gbps throughput of firewall connectivity you would need a FWSM but i suspect you don't need anywhere near that. There are a number of ASA devices and the high end ones are still considerably cheaper than a 6509 solution with service modules.


Take a look at the data sheet for the ASA's


http://www.cisco.com/en/US/products/ps6120/products_data_sheet0900aecd802930c5.html


If cost is not an option and you see significant growth requirements or you really do need to look at huge throughput the 6500 is worth consideration.


Jon

Actions

This Discussion