09-25-2009 04:41 PM - edited 03-11-2019 09:19 AM
I need to purchase a pair of ASA 5510 to setup site-to-site VPN Active/Standby between my company
with a partner. The partner is using an open-source product called Vyatta. We will be using
AES-256/DH-group5/SHA with PFS Group 5.
I have not used Pix/ASA for a while so I am a little rusty on the terminologies. Can someone help?
When I setup something like two years ago with Pix535. I understand that in order to do something
like what I described above, the Primary Pix needs to have Un-Restricted (UR) license while the
secondary Pix needs only FailOver (FO) license. With this configuration, I will have Active/Standby
configuration for site-to-site VPN. I also understand that if the Primary UR Pix goes down for
whatever reason, the FO Pix will take over, BUT if the Secondary FO Pix can NOT stay up for more than
24 hours if the Primary is still down. The Secondary FO Pix will reboot by itself 24 hours if the
Primary is still down.
I would like to purchase a pair of ASA5510 with 8.2 code with Active/Standby IPSec Lan-2-Lan VPN.
I think I willl need to purchase this "Cisco ASA 5510 Security Plus Firewall Edition Bundle with
the part number of ASA5510-SEC-BUN-K9".
Does it mean I need to purchase two of these? Is there such a thing as "FailOver (FO)" part number
for ASA?
Thanks in advance.
Solved! Go to Solution.
09-26-2009 12:37 AM
09-26-2009 12:37 AM
hi, please see the link
http://www.cisco.com/en/US/docs/security/asa/asa82/license/license82.html#wp171574
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide