Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
1
Replies

ASA Firewall assistance

Go to solution
cisco24x7
Level 6
Level 6

‎09-25-2009 04:41 PM - edited ‎03-11-2019 09:19 AM

I need to purchase a pair of ASA 5510 to setup site-to-site VPN Active/Standby between my company

with a partner. The partner is using an open-source product called Vyatta. We will be using

AES-256/DH-group5/SHA with PFS Group 5.

I have not used Pix/ASA for a while so I am a little rusty on the terminologies. Can someone help?

When I setup something like two years ago with Pix535. I understand that in order to do something

like what I described above, the Primary Pix needs to have Un-Restricted (UR) license while the

secondary Pix needs only FailOver (FO) license. With this configuration, I will have Active/Standby

configuration for site-to-site VPN. I also understand that if the Primary UR Pix goes down for

whatever reason, the FO Pix will take over, BUT if the Secondary FO Pix can NOT stay up for more than

24 hours if the Primary is still down. The Secondary FO Pix will reboot by itself 24 hours if the

Primary is still down.

I would like to purchase a pair of ASA5510 with 8.2 code with Active/Standby IPSec Lan-2-Lan VPN.

I think I willl need to purchase this "Cisco ASA 5510 Security Plus Firewall Edition Bundle with

the part number of ASA5510-SEC-BUN-K9".

Does it mean I need to purchase two of these? Is there such a thing as "FailOver (FO)" part number

for ASA?

Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
1 Reply 1
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card