Change of Network infrastructure

islow1303
Level 1

Hello together,

We are currently making changes as we were slightly behind with our network. We have ordered an ASA 5585, Cisco SNS (Small Network Server), and we use a Nexus 3548 as our router, which connects to several switches across the campus (all Cisco, bearing in mind). Our Nexus 3548 is connected to a main router (to which all other universities within the region are also connected), which is managed by the Government.

Now the ASA 5585 has been bought to replace our old ASA, which we use for VPN purposes. Are we able to use the ASA 5585 for VPN purposes as well as a firewall? ...

Furthermore, we currently have an access list which is way too long because our old network admin preferred working with static IPs and therefore managed all IPs statically through the router using ACLs.

Would appreciate any type of advice.

Kind regards

Accepted Solutions

Philip D'Ath
VIP Alumni

Yes, the ASA 5585 can do VPNs. If you want to use SSL VPN then you will need appropriate licences.

Access control lists based on static IP addresses/subnets are quite common. They are very reliable.

You can deploy the free CDA software, which tracks users logging into Active Directory, and then you can create per-user access controls on the ASA. I've found this to be problematic in the past, but that was quite some time ago. It may have matured now.

http://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/Install_Config_guide/cda10/cda_oveviw.html
