11-29-2007 06:24 AM - edited 02-21-2020 01:48 AM
Please, can someone help me to decide what is better for using in a lan- wan enviroment to close L2L and remote VPN, and to use as firewall??
I attach the drawing of the network.
11-30-2007 01:24 AM
Hi
If you are looking to terminate L2L tunnels/remote access vpn's and firewall all on the same device then you are much better going for the ASA device.
To do this on the 6500 you would need a separate Firewall Service Module and then a VPN module/card as the FWSM cannot terminate L2L/remote access vpn's.
HTH
Jon
11-30-2007 05:03 AM
Hi Jon,
Thanks for your help, but the reason that I am interested in the switch is that in the network there are a lot of servers that need to be acces by the L2l and the remote VPN users. In this case I think the ASA would a bottle neck,
What do you think??
11-30-2007 07:47 AM
Hi
It depends on how much bandwidth is aggregated from our remote sites and the Internet.
Certainly if you needed 5Gbps throughput of firewall connectivity you would need a FWSM but i suspect you don't need anywhere near that. There are a number of ASA devices and the high end ones are still considerably cheaper than a 6509 solution with service modules.
Take a look at the data sheet for the ASA's
http://www.cisco.com/en/US/products/ps6120/products_data_sheet0900aecd802930c5.html
If cost is not an option and you see significant growth requirements or you really do need to look at huge throughput the 6500 is worth consideration.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide