OK so for the 5506-X with FirePower, as i know FirePower is additional security for applications filtering for malware etc.( em i right ? )? But i don't like the FirePower options is it possible to buy 5506-X without this Options and just a licence for Failover ?
For the old 5505 you needed the SecPlus license for WAN-failover. For the 5506-X I assume that this restriction is lifted, but I don't have a Base-version to confirm this. For HA you need the SecPlus license on both units. With that the active role fails over to the standby unit if the first one has a problem. The VPNs always terminate on the active ASA, so this gives you also a VPN-failover for the event of a device failure.
VPN-failover for an outage of the primary WAN is handled in the same way as "normal" WAN-failover with route-tracking.
-- Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...