Solved: Thanks for your help.

galin.p.i · ‎02-16-2017

I have an ASA 5525 at our corporate HQ that has one site to site VPN to our back up side currently.

I also have 5 other side location connected with multipoint DMVPN created on the edge routers to those two buildings.

I want to substitute the 5 sites DMVPN with adding 5 ASAs (5510) and have full side to site VPN's, also connected to both of the buildings HQ and Back up/DR.

I’m wondering If this is suffusion set up and is it possible all sides to pass traffic in between one each other ( including voice and data traffic), or my current edge router DMVPN is better solution? And If so is this ASA 5510 is a go fit for my needs?

Marius Gunnerud · ‎02-16-2017

The ASA5510 is end of support next year so if support with Cisco is important to you then I would suggest the ASA5508.

Now that being said, the ASA5510 will support 250 IPsec VPN tunnels with a vpn throughput of 170 Mbps.

So it should scale to your needs. But as your network grows keep in mind that the more VPNs you add the more it will affect the overall throughput.

But, if you are looking for a full mesh solution, DMVPN is a more scaleable solution, If you are buying the ASAs to just place firewalls at your remote sites then perhaps just place them behind the DMVPN routers and filter traffic there.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

Marius Gunnerud · ‎02-16-2017