Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
313
Views
20
Helpful
3
Replies

Anyconnect VPN migration off ASA to FTD

Chuck Reimer
Level 1
Level 1

‎10-28-2022 06:42 AM

We currently have 3 ASA 5515x devices used for vpn with Anyconnect 5.x client. I'm new to the ASA world and the current plan is to migrate over to FTD 2110 devices. First question is the ASA codebase being retired any time soon? I've heard the ASA is the way to go for VPN services but don't want to put ourselves in a position where they are no longer being supported and we need to get off of them. Secondly, if we can stay on ASA is it possible to image the 2110 with ASA code and is that possible and recommended?

0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎10-28-2022 06:49 AM

@Chuck Reimer there is better feature parity for RAVPN between FTD image and ASA nowadays. I'd personally consider using FTD image, especially if using FMC to manage the FTD. If using local management (FDM) however there are certain features not available (yet).

You could reimage the 2110 hardware to use ASA software image.

There is no end of life date announced yet for ASA image, I believe they are still even releasing new features (in addtion to bug fixes) on ASA software.

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-28-2022 06:53 AM

What @Rob Ingram said. In addition, note that if you reimage your 2110 with ASA you lose the IPS capability and any license you purchased to do that (and potentially URL Filtering and Malware).

Chuck Reimer
Level 1
Level 1

‎10-28-2022 07:25 AM

Thanks for the replies guys, very helpful!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card