Difference between CISCO ASA 5505 and routers 2900 series regarding VPNs

jarinoo3 · ‎02-15-2017

Hello,

I have a question about difference between CISCO ASA 5505 and routers 2900 series regarding VPNs (IPsec, SSL, L2TP), or if ASA has more features which routers series 2900 do not have, I need compare this devices as I wrote above regarding VPNs (IPsec, SSL, L2TP).

If you have some link for comparing or you now some feature of ASA please share it with me, the more the better.

Thank you for your answers.

Philip D'Ath · ‎02-16-2017

The routers have more extensive site to site VPN support. The ASA's have better user to site SSL VPN support.

There is L2TPv3, used for extending a layer 2 network, and L2TP over IPSec used for user to site VPNs. Only the routers can do L2TPv3 L2 extension. Both can do L2TP over IPSec for user to site VPN - but you would be crazy to select this over AnyConnect. AnyConnect is tremendously more reliable and far easier to get working.

You should be looking at an ASA 5506 rather than a 5505.
You should be looking at a 4000 series router rather than a 2900.

Both the 5505 and 2900 series have been superseded.

So the question comes down to weather you want better user to site VPN support, or better site to site VPN support. If you want great support for both - then get both. If you can cope with average support then choose the once that is strongest for what you need the most.

hahajimmy · ‎05-30-2019

Hi,

Is there any difference at the headend between an ASA and a 29xx router for terminating a client SSL VPN? Does the VPN operate the same way on both platforms?

Thanks,

Dave

Marvin Rhoads · ‎05-30-2019

Many or most of the advanced remote access SSL VPN features for users are only available on the ASA platform. Things like clientless, dynamic access policies, built in profile editor (in ASDM), etc. are not available on a router-based deployment.