Recommendation Requried

Unanswered Question
Jun 15th, 2008

Dear Experts,

I am going to have an installation for ASA 5520 with AIP-SSM10.

I will be doing site-to-site VPN, Remote Access VPN and also SSL VPN on ASA.

I want suggestions related to the ASA version. After reading release notes for version 8 i am thinking about version 8.0 but I am not sure about the stability of version 8.0

can someone advice me which ASA version I should go for it.

Thanks a lot in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Farrukh Haroon Mon, 06/16/2008 - 09:12

Dear Nasim

Please hear the answer from the Horse's Mouth directly:

http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/arn803n.html#wp37869

"SSL VPN customers are encouraged to upgrade to Version 8.0(3).

ASA Version 8.0(3) also provides new functionality for firewall customers, as listed below. However, given this release is primarily targeted towards our SSL VPN customers, customers who remain satisfied with the firewall feature content of the ASA Version 7.x series are encouraged to remain on 7.x until such time as they have a business requirement for Version 8.0(3). To support customers choosing to remain on 7.x versions, release updates across all 7.x have been made available. "

Please rate helpful posts :)

Regards

Farrukh

nasim_nasri Mon, 06/16/2008 - 21:20

Dear Farrukh,

Thanks a lot but i am looking for more recommendations. Actually i am going to the following on the firewall.

1. 10 Site to site VPN from Routers to ASA

2. 10 SSL Vpn connection to ASA

3. 200+ remote access VPN on ASA.

4. INLINE IPS using AIP-SSM-10 on ASA

5. Active Directory integration for remote access VPN and SSL VPN.

6. DHCP pool on ASA.

7. Lot of different kinds of Natting.

Actually I am also looking the advice if anyone setup this kind of scenario or near to this kind. I really don't want to play first and reach to the stable configuration. I am trying to start with the most recommend ASA/ASDM version.

As you can see the I will be using 10 ssl vpns only so still 8.0 is recommended for me with all the above options enable

If anyone from CISCO TAC can recommend me that would be excellent

Thanks

Actions

This Discussion