ASA 5510 Standalone

Kmageshkumar · ‎12-06-2006

Hi,

I am having ASA 5510 (2) units with Security Plus license.Right now both the boxes are configured as Active/standby failover with stateful(LAN-Based).I want to use this 2 boxes as standalone for different locations as temporary sloution.Please let me know it is feasible.

Regards,

Magesh

a.kiprawih · ‎12-06-2006

Unlike PIX where you cannot run/use Standby/Failover unit as standalone unit, ASA allows you to use them as Active/Standby, Active/Active or operates as individual unit.

You can always deploy the boxes to any separate location to have more control (firewalling) over your network. In this case, you can let the primary/active unit running, remove the failover config and take the standby unit away.

The only reason you put/cluster them together is to achieve high availability.

HTH

AK

Kmageshkumar · ‎12-06-2006

Hi Ak,

Thanks a lot for your clarification.

One more calrification is there any limitaion for the number of ACLS that we can use on cisco ASA box.

Thanks & Regards,

Magesh

sebastan_bach · ‎12-08-2006

hi there is no pre-defined limit of number of acls on asa or pix. but yes sooner after a 1000 acls u will seea performance delay. best way to use them is to create object-groups and use them. it will really reduce the number of acls required for it.

regards

sebastan

Kmageshkumar · ‎12-10-2006

Hi Sebastan,

Thanks for your suggestion.

Thanks & Regards

Magesh