Calling all ASA engineers

itdaddyitdaddy Senior MemberMember Posts: 2,088 ■■■■□□□□□□
Hey ASA engineers;

we have this new ASA 5510 and we are virtualizing the firewalls; i think it is calle multiple contexts and well we have this:

1. Internet vm firewall
2. Private vm firewall
3. Admin vm Firewall

and appaarently our CCNP engineer says Cisco has issues allowing VPNS for any of these vm firewalls is this true??

It is hard to believe that an ASA firewall cannot create VPNs with each VM???doesnt make sense
can someone clarifty this for me and if there is a workaround

do you have a config or can point me in the right direction??

Comments

  • stealthttstealthtt Member Posts: 14 ■□□□□□□□□□
    Your engineer is correct. You won't be able to do VPNs on those security contexts.
  • itdaddyitdaddy Senior Member Member Posts: 2,088 ■■■■□□□□□□
    you have got to be kidding...isnt there a patch or something I heard there was a patch
    doesnt make sense
  • stealthttstealthtt Member Posts: 14 ■□□□□□□□□□
    No, VPN support is disabled when using multiple contexts.
  • tierstentiersten Member Posts: 4,505
    It isn't supported at all by Cisco. The ASA software just doesn't do it. Maybe in the future *shrug*
  • itdaddyitdaddy Senior Member Member Posts: 2,088 ■■■■□□□□□□
    thanks guys

    yeah, it just sucks! amazing how this piece of fancy firwall is just that a firewall
    even though it can have many functions..funny how it is in the fine print...
    thanks
  • redwarriorredwarrior Member Posts: 285
    I think the virtualization technology as it applies to network devices is still a bit new compared to what we've seen in the server world, but maybe in time...

    On a somewhat related, somewhat unrelated note...I was lucky enough to get to sit through a new product run-down at our local Cisco office...the Nexus 1000v switch for VMWare sounds really promising for those of us supporting VMWare servers in our datacenters...anyone else heard abou those?

    CCNP Progress

    ONT, ISCW, BCMSN - DONE

    BSCI - In Progress

    http://www.redwarriornet.com/ <--My Cisco Blog
  • cisco_troopercisco_trooper Too many Member Posts: 1,443 ■■■■□□□□□□
    itdaddy wrote:
    thanks guys

    yeah, it just sucks! amazing how this piece of fancy firwall is just that a firewall
    even though it can have many functions..funny how it is in the fine print...
    thanks


    Wowsers..... I have 4 or 5 ASA5510s and 5520s. I haven't used any virtual firewalls on them but now I know not to bother. VPN support is mandatory....
Sign In or Register to comment.