Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5505

Hi All,

I am in the process of purchasing an advance router.  Here are my requirements,

1.  Support two ISP connections, with automatic fail over from the first connection to the second, and then revert back to the primary connection when it is back up.

2.  At least 8 vpn connections.

I sent the same question to Cisco support and they recommended the 1811 and 1812.  I asked a networking friend of mine to look at our complete network and offer a recommendation.  He suggested the ASA 5505 because it met our requirements and for its ease of set up, which he will be doing for me.  He recommended these models of the ASA 5505, UL-BUN-K9, and the SEC-BUN-K9.  I also found a SEC-PL, but I do not know if that model will meet my requirements.  Do any of the mentioned routers include licenses, and what are the licenses for?  Do the licenses need to be purchased on a yearly basis?

I am fairly new to complex networking such as this.  All suggestions and comments would be appreciated.




Re: ASA 5505

1. Either a router or an ASA will work for this requirement.

2. Either a router or an ASA will work for this requirement too.

The SEC-PLUS license gives you some additional features such as DMZ interfaces and fail-over. On the ASA you do not need VPN licenses for LAN-to-LAN tunnels. For user VPN you do need licesing. They are a one time purchase and do not require maintenance. Routers require the Advanced Security IOS and with an 1800 series router you may also want to look into the VPN-AIM which offloads the encryption/decryption to a module. If the guy who will be building this would like to use an ASA becuase that is what he knows best, I would suggest you go that route. The ASA matches your requirements just fine.

Hope that helps.

CreatePlease to create content