Cisco Support Community
Community Member

Advice on upgrading from ASA 5510 standalone

Hi all,

I would like some advice on the best upgrade path for our current site-to-site vpn solution. Currently we only have a single ASA 5510 which is solely used to terminate Site-to-Site VPNs.

The ASA is around 5 years old and running code 7.2 (3), it has 256MB Flash and 256MB RAM.

I have looked at the interface useage and it rarely peaks over 2mbps throughput. Because of this I do not believe that I need to go higher spec than a 5510.

Is it possible to mix and match Cisco ASA model numbers in an Active/Standby HA setup?

Do you know whether my existing ASA will be able to run the latest code, or will I need a memory and flash upgrade?

Are 5510's going to be around for a while now that the new "X" range of ASA's are out?



Mario De Rosa

Community Member

You cannot mix and match ASA

You cannot mix and match ASA models in a HA pair.

Your 5510 will require 1Gb of RAM to run any code later than 8.3.

The latest you can go on a 5510 is 9.1.5 while the current version is 9.2.1.

The 5510s are end of life you should look at getting a X series ASA.

Community Member

Many Thanks!

Many Thanks!

Hall of Fame Super Silver

Seconding what Kevin said.

Seconding what Kevin said. Here is the End-of-Sale and End-of-Life Announcement for the Cisco ASA 5510. 9.2 and later will not be developed for any of the end-of-sales devices.

If you consider replacing it, the 5512-X is the new entry model (excluding the 5505). If you think you are going to put in an HA pair, you're better advised to go to the 5515-X as the price is roughly equivalent when you take into account you need to add the Security Plus license on the 5512-X to enable failover.

You also have the option with the X series of adding the SSD and licensing the NGFW features like AVC, WSE and IPS to give you full web filtering and application visibility etc.

Community Member

Many Thanks!

Many Thanks!

CreatePlease to create content