We have a pair of 5520 ASAs in A/S. We have an old Cisco VPN solution which needs replaced. Please keep in mind this is NOT a sales opportunity, considering the financial climate need I say more.
I am currently an advocate of having our existing ASAs perform L2L (non-GRE) and corp laptop RA services in lieu of other solutions which may involve resurrecting EOS PIXes. Considering that the ASAs with IPS modules are rated to 225Mbps (IIRC) and our committed rate with our ISPs adds up to FAR less than that, I think it would not be harmful to combine FW services and L2L/RA services onto the same in-support and redundant hardware.
I have implemented ASAs acting as firewalls. And I have implemented ASAs acting as replacements for the old VPN concentrator. And they work well for both purposes.
I have not yet implemented both functions on the same ASA. But my experience so far leads me to believe that the ASA would do reasonably well doing both as you propose. And I would certainly want to use the ASA for both rather than go back to an old PIX.
So for now I would advocate doing both firewall and VPN on the same ASA. (and when conditions improve and a sales opportunity may exist - I would advocate for a separate ASA to do VPN and the pair to do firewall).
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...