11-21-2019 06:01 AM
Hi, we need to move our network environment on the cloud.
The reason is that we have all our servers and sql servers on OS Windows server 2008 R2.
Since Microsoft end of support is january 2020, they agree to support us for a couple of years after the end if we move our environment on Azure.
We have a couple of ASA5505 devices.
Our primary research suggest that these devices may not be suitable to do VPN Tunneling with Azure.
CF: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-3rdparty-device-config-cisco-asa
ASA device support
Support for IKEv2 requires ASA version 8.4 and later.
Support for DH Group and PFS Group beyond Group 5 requires ASA version 9.x.
Support for IPsec Encryption with AES-GCM and IPsec Integrity with SHA-256, SHA-384, or SHA-512, requires ASA version 9.x.
This support requirement applies to newer ASA devices. At the time of publication, ASA models 5505, 5510, 5520, 5540, 5550, and 5580
do not support these algorithms. Consult your VPN device specifications to verify the algorithms that are supported for your VPN device models and firmware versions.
Can someone tell me if the ASA5505 will allow us to do the job or do we need to purchase newer devices. If so, what model do you suggest.
Thanks
11-21-2019 04:03 PM
see here good explanation of what model to buy depends on your requirement ( route-based or policy-based )
02-14-2020 02:29 AM
In this post we are going to link an Azure Virtual Network to on an premise network via a Cisco ASA talktowendys.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide