Upgrade from Cisco/Linksys RV082 to ASA5505?

Unanswered Question

We are using about 35 RV082 units in a very basic configuration - 1:1 NAT and some firewall ACLs. All the sites are talking to a central site and we just ran out of ACL space (RV082 supports 50 rules) on the central site.


I presume that I can replace the RV082 with an ASA5505, but I can't find out how many ACLs the ASA unit supports. Does anyone out there have a quick answer?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ajagadee Tue, 10/07/2008 - 09:45
User Badges:
  • Cisco Employee,

Clarke,


It is my understanding that the ASA 5505 uses around 20KB for an Access List Entry (ACE). So, the number of ACE really depends on the memory on the chassis and other features that are you planning to enable.


Since, you are planning to replace around 35+ RV082 with ASA5505, I would test the ASA5505 in the lab specific to your environment before deploying it in the production.


Also, below is the data sheet for the ASA that has information on various ASA platforms and memory.


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html


I hope it helps.


Regards,

Arul


** Please rate all helpful posts **

That's not exactly what I'm going to do; I'm only replacing one RV082 with an ASA5505. The access lists are simple; let a specific IP address through on all ports. This should take only one ACL. I just need to know if I can get one hundred ACLs like this into an ASA5505 - that will solve my immediate problem.

ajagadee Tue, 10/07/2008 - 10:18
User Badges:
  • Cisco Employee,

Clark,


I thought that is what I explained in my earlier post.


Each ACE takes 20KB, so if you have 100 ACE, it is 100 * 20KB = 2MB.


Example, 100 lines like the below configuration


access-list 150 permit ip host 10.1.1.1 any

access-list 150 permit ip host 20.1.1.1 any.

......


The ASA5505 comes with 256 MB Memory, so you should be fine running 100 ACE.


Let me know if the above info does not help.


Regards,

Arul


** Please rate all helpful posts **

ajagadee Tue, 10/07/2008 - 14:11
User Badges:
  • Cisco Employee,

Clarke,


Sounds good. Drop us an update whenever you deploy your ASA and configure it with 100+ ACE.


Regards,

Arul

Actions

This Discussion