12-01-2011 02:54 AM - edited 03-11-2019 02:57 PM
A very good tool for feature checking is Cisco Feature Navigator however it doesnt have ASA features . I am trying to check if ASA 5510 BASE supports IP SLA or not . Where can i find that
12-01-2011 06:54 AM
Hi there,
As far as I know, may be corrected by someone else!!!, the ASA software only has a subset of IP SLA implemented.
For example, you can use IP SLA for static route tracking (for ISP Failover), and use ICMP-ECHO for that. However, ICMP-ECHO is the only protocol-type that has been implemented in the SLA-mechanism of the ASA.
So, to answer your question, yes it will support it but only in a limited fashion!!! I am sure someone with more knowledge may be able to give you a more detailed answer.
Hiope this helps a little,
Tim
12-01-2011 07:15 AM
Yes I want to implement ISP failover . But there are 2 licenses when it comes to ASA 5510 , first one being ASA 5510 BUNK9 aka ASA 5510 BASE while other being ASA 5510 SEC BUNK9 aka ASA 5510 Security Plus .
I wanted to know if there is a limitation of IP SLA with the Base bundle thats why I was looking for a feature navigator .
12-01-2011 08:56 AM
Try this:
From : http://www.scribd.com/doc/25025428/Configuring-a-Cisco-ASA-5505-Rob-Denney
"Overview of Device Features Differences between Base License and Security Plus License The 5500 series comes in a variety of models but we are going to be focusing on the 5505 model, released in 2006. The 5505 model comes in two separate licenses. These licenses are the base and the security plus. Both offer 150 megabits per second throughput, a maximum of 25 SSL VPN user sessions, and a maximum encrypted VPN throughput of 100 megabits per second. However, the security plus license has additional features. For example, it supports up to 25,000 maximum firewall connections whereas the base license only supports a maximum of 10,000. It also supports a maximum of 25 site-to-site and remote access VPN sessions and the base license supports a maximum of 10. It should be noted that both licenses initially only support two VPN connections( 2). The security plus license also allows for a maximum of 20 virtual interfaces, commonly referred to as VLANs, with trunking enabled, and the base license supports a maximum of three. Unfortunately, neither of the licenses supports intrusion prevention, content security (which includes antivirus, anti spyware, and file blocking), or VPN clustering and load balancing.
"A major difference between the two licenses is that the base license does not allow traffic to be forwarded from one VLAN to another; this restriction is removed in the security plus license. However, the base license does allow that particular VLAN to respond to requests. Another way of explaining this restriction is that there are two normal zones and one restricted zone that can only communicate with one of the other zones( 2). This can potentially create problems when trying to implement a demilitarized zone (also known as a DMZ) as will be discussed in a later section.
This device also implements URL Filtering, Secure Desktop, IP Auditing, and can use certificates for identification."
12-01-2011 10:26 AM
Hello Communication.boy,
All you need is to be running at least the Security Appliance version 7.2(1).
Regards,
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide