Which ASA IOS is best for Lan-2-lan VPNs?

Unanswered Question
Aug 13th, 2010
User Badges:

We have a pair of ASA-5540s to use strictly for lan-2-lan IPSec VPN tunnel termination.  There are two OS trains that are available with new versions vailable for both this month.

8.3.2  and 8.2.3

Which OS would be best in our case to load?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jennifer Halim Fri, 08/13/2010 - 17:21
User Badges:
  • Cisco Employee,

There are huge difference between ASA IOS 8.2 and 8.3 in terms of NAT, ie: from version 8.3 onwards, the NAT concept and configuration has been transformed, and it's completely different to the OS version 8.2 and below.

I would suggest that 8.2.3 is a much stable version compared to 8.3.2 simply because OS 8.3 is newer version of software with major changes which still going towards maturity. However, if you would need funky NAT then version 8.3.2 would provide you with much more flexibility.

In terms of case load, both OS would be able to handle LAN-to-LAN VPNs very well as it's common deployment.

Hope that helps.

cciesec2011 Sat, 08/14/2010 - 03:49
User Badges:

Only Cisco from Advanced Networking Service (ANS) can officially give you code recommendation.  Even Cisco TAC can not advise you on code recommendation.  That's what I was told.


This Discussion