Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
810
Views
10
Helpful
4
Replies

Advice on upgrading from ASA 5510 standalone

marioderosa2008
Level 1
Level 1

‎05-02-2014 02:51 AM

Hi all,

I would like some advice on the best upgrade path for our current site-to-site vpn solution. Currently we only have a single ASA 5510 which is solely used to terminate Site-to-Site VPNs.

The ASA is around 5 years old and running code 7.2 (3), it has 256MB Flash and 256MB RAM.

I have looked at the interface useage and it rarely peaks over 2mbps throughput. Because of this I do not believe that I need to go higher spec than a 5510.

Is it possible to mix and match Cisco ASA model numbers in an Active/Standby HA setup?

Do you know whether my existing ASA will be able to run the latest code, or will I need a memory and flash upgrade?

Are 5510's going to be around for a while now that the new "X" range of ASA's are out?

Thanks

 

Mario De Rosa

Labels:
0 Helpful
4 Replies 4

kevin_giusti
Level 1
Level 1

‎05-02-2014 04:08 AM

You cannot mix and match ASA models in a HA pair.

Your 5510 will require 1Gb of RAM to run any code later than 8.3.

The latest you can go on a 5510 is 9.1.5 while the current version is 9.2.1.

The 5510s are end of life you should look at getting a X series ASA.

marioderosa2008
Level 1
Level 1
In response to kevin_giusti

‎05-07-2014 12:29 AM

Many Thanks!

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-02-2014 05:01 AM

Seconding what Kevin said. Here is the End-of-Sale and End-of-Life Announcement for the Cisco ASA 5510. 9.2 and later will not be developed for any of the end-of-sales devices.

If you consider replacing it, the 5512-X is the new entry model (excluding the 5505). If you think you are going to put in an HA pair, you're better advised to go to the 5515-X as the price is roughly equivalent when you take into account you need to add the Security Plus license on the 5512-X to enable failover.

You also have the option with the X series of adding the SSD and licensing the NGFW features like AVC, WSE and IPS to give you full web filtering and application visibility etc.

marioderosa2008
Level 1
Level 1
In response to Marvin Rhoads

‎05-07-2014 12:28 AM

Many Thanks!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents