ASA 5500

itdaddyitdaddy Member Posts: 2,089 ■■■■□□□□□□
in CCNP
Hey CCNPers

This might be a dumb question but you know how a firewall say say 10 users/nodes
or 50 user/nodes or unlimited.... does that mean inside users specifically or does that me
how many people can be connected at once say I have a web server behind the ASA and
so many users like 20 are connected..does the 10 user/node limit refer to outside users or inside users..I wasnt sure...thanks

icon_eek.gif
· Share on FacebookShare on Twitter

Comments

  • tierstentiersten Member Posts: 4,505
    It means the number of internal devices that want to go through the ASA. If you have 11 PCs that want to access the internet then the 10 user license isn't enough.

    As you're mention web servers, the 5505/5510 have two different levels as well. Base and Security Plus. The way the base model 5505 works with DMZs might affect you. Any device inside the DMZ is only allowed to talk to 1 other zone. You can't have it talk to something inside and outside.
    · Share on FacebookShare on Twitter
  • PlazmaPlazma Member Posts: 503
    Yea they really restrict it on the base license for the 5505.. thast why the device is so cheap :)
    CCIE - COMPLETED!
    · Share on FacebookShare on Twitter
  • itdaddyitdaddy Member Posts: 2,089 ■■■■□□□□□□
    tiersan and plazma

    thanks a lot! I will look into that ;)
    · Share on FacebookShare on Twitter
  • redwarriorredwarrior Member Posts: 285
    Also keep in mind that with the base license, you are limited to 2 Vlans with IP addresses. (They say 3, but the default DMZ interface does not allow you to assign an IP address to it, so I don't count it.) In most cases, you'll want more than this, which is why we simply buy all ours with the Security+ license...it gives you unlimited inside connections AND multiple vlans. :)
    CCNP Progress

    ONT, ISCW, BCMSN - DONE

    BSCI - In Progress

    http://www.redwarriornet.com/ <--My Cisco Blog
    · Share on FacebookShare on Twitter
  • itdaddyitdaddy Member Posts: 2,089 ■■■■□□□□□□
    thanks redwarrior that helps alot yeah they do not spell it out like that weird that ASA5505 is so cheasy?? 500.00 bucks is not near the price of a ASA 5510 but I think my 831 SOHO is better than that??
    kind of ticks me off that ASA is so limiting!
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    itdaddy wrote:
    thanks redwarrior that helps alot yeah they do not spell it out like that weird that ASA5505 is so cheasy?? 500.00 bucks is not near the price of a ASA 5510 but I think my 831 SOHO is better than that??
    kind of ticks me off that ASA is so limiting!
    The routers can do more things but they're not as good/fast as it. If you want to replicate what IOS can do then you'll need several boxes. An ASA and a IPS/IDS box/AIM would cover most of it. Thats pretty expensive however...
    · Share on FacebookShare on Twitter
Sign In or Register to comment.