I'm getting ready to migrate our 3030 concentrator to an ASA5540 which came with 7.2 software. We will only be using the ASA for IPSec VPN (client and lan-2-lan) and SSL client access. No firewall useage at all as this will be in parallel with our main firewall.
Should I stick with 7.2 or is it recommended to move to 8.0 yet?
7.2 has been out for a while and has gotten a lot of exposure in the field. So, if you do not need any new features in the 8.0 code, stick to 7.2 on the ASA. For example, if you need to turn on EIGRP on the ASA, then you have to go to 8.0.
Please refer the below release notes for new features.
I agree with Arul. I've been using 7.2(2) in ASA and PIX for firewalling, IPSec VPN, SSL VPN, S2S VPN without any glitch. I have encountere a lot of problem with its predecessors though. In my experience, 7.2(2) is stable. However, it all depends on the feature that you need though.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...