Required ASAs

sendalotsendalot Member Posts: 328
in CCNP Security
So for VPN portion of CCNP - Security, what kind of ASAs do I need?

Would a couple of ASA5505 with additional licensing do?

Thanks.
· Share on FacebookShare on Twitter

Comments

  • SecurityThroughObscuritySecurityThroughObscurity Member Posts: 212 ■■■□□□□□□□
    I think so.
    Base license would be enough.
    · Share on FacebookShare on Twitter
  • gregorio323gregorio323 Member Posts: 201 ■■■□□□□□□□
    sendalot wrote: »
    So for VPN portion of CCNP - Security, what kind of ASAs do I need?

    Would a couple of ASA5505 with additional licensing do?

    Thanks.

    I'd definitely get the Security Plus License
    · Share on FacebookShare on Twitter
  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    gregorio323 wrote: »
    I'd definitely get the Security Plus License

    Security Plus is needed for HA/Multiple Contexts etc.. which will be covered in FIREWALL, VPN can be practiced via GNS3 with VPN Plus License

    If you are keeping it real world, dual 5510's with Security Plus is what you need.
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
    · Share on FacebookShare on Twitter
  • sendalotsendalot Member Posts: 328
    Can I just get another 5505 than to get one or two of 5510s? single 5510 costs a fortune...lol....
    · Share on FacebookShare on Twitter
  • TheNewITGuyTheNewITGuy Member Posts: 169 ■■■■□□□□□□
    I'll get you 5510 with sec+ for $1450 each :)
    · Share on FacebookShare on Twitter
  • sendalotsendalot Member Posts: 328
    Where did you get the quote?
    · Share on FacebookShare on Twitter
  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    sendalot wrote: »
    Can I just get another 5505 than to get one or two of 5510s? single 5510 costs a fortune...lol....

    Nope, welcome to Security. ha

    Again, your only other option will be to use GNS3 for your ASA's, they will be 5520's and you could get a lot out of it but I like having real gear to push traffic through etc.

    I did use GNS3 for VPN labbing though. For HA etc, GNS3 was buggy and I had me extremely angry at times, just wasn't worth fooling with. Maybe with the upcoming release/s they will be better?
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
    · Share on FacebookShare on Twitter
  • gregorio323gregorio323 Member Posts: 201 ■■■□□□□□□□
    RouteMyPacket wrote: »
    Nope, welcome to Security. ha

    Again, your only other option will be to use GNS3 for your ASA's, they will be 5520's and you could get a lot out of it but I like having real gear to push traffic through etc.

    I did use GNS3 for VPN labbing though. For HA etc, GNS3 was buggy and I had me extremely angry at times, just wasn't worth fooling with. Maybe with the upcoming release/s they will be better?

    I do agree. Sometimes GNS3 is buggy with ASA. At times during my labs I would unable to reach the ASA. It would not respond to anything! and cause frustration and confusion I wish I had the real equipment to avoid all this headache!
    · Share on FacebookShare on Twitter
  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    gregorio323 wrote: »
    I do agree. Sometimes GNS3 is buggy with ASA. At times during my labs I would unable to reach the ASA. It would not respond to anything! and cause frustration and confusion I wish I had the real equipment to avoid all this headache!

    Don't even get me started having flashbacks of why I could not ping the ASA/s through the loopback adapter, or yes the ever automatic reloading of the device. Man that sucked...ugh!
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
    · Share on FacebookShare on Twitter
  • sendalotsendalot Member Posts: 328
    I'm just going to work and spend no money for next few months to save up money for a couple of 5510s..
    · Share on FacebookShare on Twitter
  • jahsouljahsoul Member Posts: 453
    *points to my For Sale post* :)
    Reading: What ever is on my desk that day :study:
    · Share on FacebookShare on Twitter
  • sendalotsendalot Member Posts: 328
    Oh, I have a vendor that I work with for all my equipments. Thanks though!
    · Share on FacebookShare on Twitter
  • TheNewITGuyTheNewITGuy Member Posts: 169 ■■■■□□□□□□
    where did I get the quote? I specialize in used cisco gear :) I quoted you myself
    · Share on FacebookShare on Twitter
  • gregorio323gregorio323 Member Posts: 201 ■■■□□□□□□□
    RouteMyPacket wrote: »
    Don't even get me started having flashbacks of why I could not ping the ASA/s through the loopback adapter, or yes the ever automatic reloading of the device. Man that sucked...ugh!

    I've had the same issue!!!! I had an issue where ASDM would not connect properly and if it did it would be soooo freaking slow!!!!! I had to jump through so many hoops just to get it working right ugh the nightmare! I'd probably spent more time figuring it out than actually studying!
    · Share on FacebookShare on Twitter
Sign In or Register to comment.