Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
367
Views
0
Helpful
1
Replies

Router VPN or ASA FW VPN?

o.oresotu
Level 1
Level 1

‎06-24-2009 09:21 AM - edited ‎03-11-2019 08:47 AM

Hi,

I work in a financial sector of which security is very essential. I need to setup a site-to-site VPN over the internet for one of our subsidiaries oversea. However, i'm in doubt whether to use a Router at both ends or ASA FW. Does using a router has lesser security than using a FW or what advantage do i have using a FW over a router VPN?.

Labels:
0 Helpful
1 Reply 1

mvsheik123
Level 7
Level 7

‎06-24-2009 11:29 AM

Hi,

For situations where security is primary concerns, I would go with ASA than Router. That way the configurations (allowed/blocked ACLs) will be minimal on ASA when compared to routers.

Also, (Iam not sure if this changed in new IOS with routers), the phase1 lifetime is only 24hrs, but in ASA this can be changed to longer duration. You can even add SSM etc. modules in ASA.

hth

MS

**Rate helpful posts**

I read this somewhere..

"Cisco IOS firewall is often known as "poor mans firewall". If you want a filtering solution, use Cisco IOS. if you want a real firewall that does deep packet inspection, etc...use the Cisco ASA"

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card