hi thanks for ur detailed info buddy. in the link u mentioned it says it also supports security contexts. can u tell me how many context i will get by default. like we get 2 context by default in asa 5520.

also abt the failover it mentions active/active and active/standy also.

in the security plus edition what is the default failover license . can u pls get more info on that. cause i am planning buy a pair to support context and active/active failover.

waiting for ur reply.

regards

sebastan

Hi Sebastan,

Sorry for the late reply.

With Security Plus, the default security context@virtual firewall is 2, upgradable to 5.

The default failover mode is active/active. ASA is different from PIX as ASA has no model/series specifically to do failover like PIX FO-bundle. All series, except ASA5505 are capable to function as failover unit (Active/Active or Active/Standby). ASA5505 support Active/Standby with upgraded license.

Rgds,

AK

Correction.. I believed the default failover license should be Active/Standby, but allows you to switch to Active/Active mode. By default, the failover role/mode is set to secondary, therefore the failover should be in Active/Standby mode.

This requires you to manually choose/configure active and standby unit, and avoid unnecessary issues if new unit is added into the production network with active failover role.

http://www.cisco.com/en/US/customer/products/ps6120/products_command_reference_chapter09186a008063f0e4.html#wp1749086

Rgds,

AK

h buddy thanks i am relieved abt hearing the context thing and that it will support active/active. thanks a lot.

regards

sebastan

hi AK. here;s the link

http://www.cisco.com/en/US/products/ps6120/prod_brochure0900aecd80402e36.html

here they have mentioned that in security plus bundle i wil still get 5 interfaces but with active/standy failover only.

i will have to take

Cisco ASA 5510 Security Plus license (provides Active/Active and Active/Standby high availability, increased session and VLAN capacities, and additional Ethernet interfaces)

ASA5510-SEC-PL

this is the only license in asa 5510 that supports active/active failover.

regards

sebastan

Dear AK,

As per datasheet i Understand ASA 5510 have 5 Fast ethernet port on board with SECPLUS License out of these 5 Ports two will be coverted to Gigabit. I understand that if i am not having SEC-PLUS license i will be having 5 Fast ethernet ports to connect to network. Also i have one more doubt, Physically there are 4 Fast ethernet port and 1 Management Port. Is Cisco considered the Management port into total fast ethernet port Count. If so is the case then can we use this Management as Network port. Can you please help me on my doubts.

Regards

Gautam Chakraborty

Gautam,

Please note you are adding to a 7 year old thread!

Anyhow yes the count of five ports includes the Management0/0 port. You can use this as an active traffic port although it is not a common or recommended practice. You are better advised to use subinterfaces and segment your traffic that way,. leaving M0/0 for management purposes.

Also please realize the 5510 is about to go end-of sales. It is an 8 year old 32-bit platform with limitations from the era it was introduced. The 5512-X or 5515-X is a much much better choice if you are acquiring a new firewall in that range.

Regards,

- Marvin