10-01-2012 12:02 PM - edited 03-11-2019 05:02 PM
i am currently looking at the suitability of replacing an 'airbreak' firewall with 2 new ASA 5505'S.
One stipulation i have is that i require to connect the third party that is currently using the 'airbreak' solution using a secure iPsec VPN.
I have both 5505's that were supplied by the third party, but i believe i may need a new fireware upgrade
I am using ASDM 6.4.XX and the ASA's have firmware 8.4(2) and a basic licence.
Am i correct in assuming that the VPN wizard functionality is missing because of th firmware installed currently on both of the ASA's? or am i looking in the wrong place?
i have done a fair amount of research an can see earlier versions of ASDM wit the VPN wizzard so can only assume it is down to the firmware.
i see that the latest version for the ASA 5505's is 8.4.4 and was wondering if this will provide me with the functionality i require as it does mention in the documentation that it does support the clientless VPN options.
Can anybody also confirm what part number
ASA5505-BUN-K9 relates too in relation to firmware for the ASA's?
As you can see i am new to the Firewall side of things and want to get this one right
Kind regards
Chris Mann
10-01-2012 12:27 PM
If you have an ASA5505-BUN-K9 with version 8.4(2), then there should be the VPN-wizard available. What is there in the "Wizards"-menu of your ASDM?
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
10-01-2012 12:37 PM
Karsten,
thanks for taking the time to reply, i do appreciate it.
not sure if i have the BUN-K9 or not, but on the bottom of both of the ASA's it reads ASA5505-V8?
The reason i ask about the BUN-K9 is that i do know about the security side of things as to regards to the K9 Tag for the firmware releases and thought this might be what i need but am unsure what the BUN-K9 relates too.
thanks again
Chris
10-01-2012 01:05 PM
the "k9" relates to the encryption that you really want to have for VPN ... ;-)
Plese paste a "show version" from the command-line.
if the following line is not there:
VPN-3DES-AES : Enabled perpetual
then go to http://www.cisco.com/go/license and enter your serial-number to get a free 3DES/AES-license:
On that page you find it under "Get new" -> "IPS, Crypto ..." -> Security-Products -> Cisco ASA 3DES/AES License.
EDIT: And it's not the Tools-Menu, right to the Tools is the "Wizards"-menu
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
10-01-2012 01:15 PM
Karsten,
Thanks for the information. you are right it is in the Wizards menu, im currently at home and was trying to remember the exact location
as for the
VPN-3DES-AES : Enabled perpetual
I can remember looking at the licence details on the ASA and dont remember seeing that line so thats a good place to start.
Ill give that a go tomorrow when im back in work, thanks very much for your help
Chris
10-01-2012 12:38 PM
....Sorry forgot to add that i when i select the 'Tools' option there is now VPN wizzard option or any reference to VPN's
Chris
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide