Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1072
Views
5
Helpful
5
Replies

BGP on Older ASAs

trevor240
Level 1
Level 1

‎05-18-2018 12:24 AM - edited ‎02-21-2020 07:47 AM

Hello Everyone, I understand that BGP is currently not on the ASA 5510, 5520, 5540, 5550, and the ASA 5580. I am curious as to why the ASA 5505 supports it and not the models that I listed. I am curious if Cisco has any plans on implementing BGP on them before their end of support date. 

 

I use the ASA 5510 in my home network, which I connect to my friends with and all of us have our own BGP AS numbers, however it would be nice to just use BGP in the network instead of using OSPF on my network and then redistribute the routes into BGP and vice versa. That way it makes for easier failover when my primary internet connection goes down and I can just tell it neighbor Cox route-map Failover in followed by neighbor Cox route-map Failover out in the BGP config on the ASAs, that way it moves over to CenturyLink. 

 

Trevor Janssen

Labels:
0 Helpful
5 Replies 5

Bogdan Nita
VIP Alumni
VIP Alumni

‎05-18-2018 01:27 AM

Hi Trevor,

BGP was introduced to ASA in version 9.2.

Latest version available for the ASA 5510, 5520, 5540, 5550, and the ASA 5580 is 9.1.

For ASA 5505 the latest version available is 9.2, and thus supports bgp.

I can't say for sure, but I really don't think the ASA 5510 will get upgraded to 9.2 in order to support bgp.

 

HTH

Bogdan

 

trevor240
Level 1
Level 1
In response to Bogdan Nita

‎05-18-2018 10:55 AM

Hello Bogdan, 

 

I only wish that they do upgrade the older ASAs to 9.2 so that I can use BGP and retire OSPF. I do understand that BGP was introduced in 9.2 and that the latest version available for the ASAs that I listed is 9.1.7 Interim. 

 

Trevor Janssen

0 Helpful

Karsten Iwen
VIP
VIP
In response to trevor240

‎05-19-2018 03:22 PM

That won't happen! These ASAs are nearly EOL and they won't see any new features. And in a short time, they also will not see any fixes for newly discovered vulnerabilities. It's time to replace these devices.

0 Helpful

trevor240
Level 1
Level 1
In response to Karsten Iwen

‎05-19-2018 03:25 PM

Hello Karsten, 

 

Unfortunately I can't upgrade as this is my home lab. It costs about $1400 to upgrade if I buy ASA 5512-X off of eBay (that is where I buy my equipment for my home lab).

 

Trevor Janssen

0 Helpful

Karsten Iwen
VIP
VIP
In response to trevor240

‎05-19-2018 03:31 PM

If it's for a home-lab, consider using the ASAv on Vmware Workstation/Fusion/ESXi. Without a license, the throughput is only minimal, but you can practice all features.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card