1 2 Previous Next 20 Replies Latest reply: May 24, 2019 6:31 PM by Peter McKenzie RSS

    Cisco ASA 5510 which one to buy?

    Vlad

      Hi, all.

      I want to get Cisco ASA for my lab to start building VPN's and try different policies. So, Cisco ASA 5510 goes about 100-150 bucks on eBay, but I've noticed there is different version v5, v7, v9 also seller mentioning licensing. So which one is the decent one out there that will be best for a money and not so outdated?

         
        • 1. Re: Cisco ASA 5510 which one to buy?
          Augusto

          Hello Vlad!

           

          Take a look here: Which ASA Device - 5505 or 5510?

           

          Regards,

          Augusto

          • 2. Re: Cisco ASA 5510 which one to buy?
            Vlad

            Augusto

            Thank for a link. So I 5505 sounds like a good option it's fanless and has never firmware. Bur 5505 can do routing only Vlan switching is that right?

            • 3. Re: Cisco ASA 5510 which one to buy?
              towagner

              Another option you might consider is VIRL - Virtual Internet Routing Lab.  This is a complete Cisco simulator that allows you to configure multiple virtual Cisco routers and switches based on actual IOS.  You can also add the ASAv, a virtualized ASA device into your topology.  VIRL is $200 and can be run using desktop virtualization software, or can purchased as a hosted service in the cloud via Packet's bare-metal server rental. 

              • 4. Re: Cisco ASA 5510 which one to buy?
                Aldo

                Hi dude, have you try GNS3 for your lab enviroment?

                I recommed you the 5506-X the NGFW, the 5500 series is at end of life and end of sale, so you might want to buy a newer device and you can use it for security @ home and to make your lab.

                Best Regards!

                • 5. Re: Cisco ASA 5510 which one to buy?
                  Vlad

                  Yes, GNS3 is a good option to practice. But I also like to try physical equipment to work with.

                  From your suggestions sounds like ASA 5510, not an option, and 5506-X is a bit too expensive for lab equipment (at least for my budget).  

                  I need to research Cisco ASA5505-SEC-BUN-K9 Security Plus more. What you guys think?

                  • 6. Re: Cisco ASA 5510 which one to buy?
                    Augusto

                    Hi Vlad!

                     

                    For study purposes 5505 with security plus is a good option in my opinion.

                     

                    Regards,

                    Augusto

                    • 7. Re: Cisco ASA 5510 which one to buy?
                      Augusto

                      Vlad,

                       

                      5505 supports inter-vlan routing, static routes and dynamic routing.

                       

                      Regards,

                      Augusto.

                      • 8. Re: Cisco ASA 5510 which one to buy?
                        Aldo

                        yes, the ASA 5506-x is bit expensive, the ASA5505 will be helpful for your lab enviroment, you could make something great with it.

                         

                        Best Regards!

                        • 9. Re: Cisco ASA 5510 which one to buy?
                          Vlad

                          True, thank you

                          • 10. Re: Cisco ASA 5510 which one to buy?
                            Cisco_Jedi_Prodigy

                            I have VIRL but it is too slow on my machine (so have not really done anything in it) and am looking to buy a cheap server somewhere. Do you know if VIRL allows you to launch the ASDM/GUI for the ASAs on there? VIRL support sucks and have hard time getting help.

                            • 11. Re: Cisco ASA 5510 which one to buy?
                              Cisco_Jedi_Prodigy

                              I have VIRL but it is too slow on my machine (so have not really done anything in it) and am looking to buy a cheap server somewhere.

                              So I downloaded images from Cisco site when you are directed to there from the GNS site and downloaded many different images using my VIRL license. Each time I try and import the image, I get "unsupported IOS" error. I am using GNS on my desktop but not as a VM within VM Workstation or something. Do you know what may be the problem?

                              Also, do you know if I will be able to launch the ASDM/GUI once I am actually able to add a ASA device in GNS3? Any help is appreciated!

                              • 12. Re: Cisco ASA 5510 which one to buy?
                                Juergen Ilse CCNA R&S

                                I don't know of different hardware versions of ASA5510. If you want to buy one, be sure, that you get one with 1 GB ram (some versions may be only equipped with only 256 mb ram, which is not enough to run firmware newer that 8.2, an you really need at least firmware 8.3, better the newest available firmware, which would be 9.1.7 interims version). Also notice, that ASA5510 is officially not supported anymore (but in most points, the 9.1 firmware is compatible enough with current versions to do training for CCNA and CCNP level exams). The newest available firmware for ASA5505 (if you want to buy that one, you should get a version with 512 MB ram installed, if you want to run 9.2 firmware or install a security+ licence) is 9.2.4 interims version (currently 9.2.4(33)). The ASA5510 can't run any firmware newer than 9.1.x

                                If you want to run current ASA firmware, you should bay at least one of the 5500-X series (and if maybe also want to use firepower, maybe at least an ASA5506-X, which already includes the sfr firepower software module and can alternatively run FTD, Firepower Threat Defense software, instead of normal ASA firmware).

                                So if you decide to buy an ASA5510, it should have 1 GB ram and run firmware 9.1.x (or at least 9.0.x) or you should spend additional money for installation 1 GB of ram and you should have access to firmware 9.0.x or 9.1.x firmware for ASA5510 to be able to update the firmware to thar version ... If you have enough money to get an ASA5506-X, you may better get an ASA5506-X instead of an ASA5510.

                                • 13. Re: Cisco ASA 5510 which one to buy?
                                  Juergen Ilse CCNA R&S

                                  Vlad schrieb:

                                   

                                  Augusto

                                  Thank for a link. So I 5505 sounds like a good option it's fanless and has never firmware. Bur 5505 can do routing only Vlan switching is that right?

                                  ASA5505 has (in contrast to all other models) an intergrated switch, and you can only configure VLAN interfaces as Layer3 Interfaces.

                                  ASA5506-X (even without security+ license) has 8 routed gigabit interfaces instead of an integrated 8 port fast ethernet switch. The ASA5506-X is the more powerful device (in nearly every aspect), but the chance to get a used one is not very high, because there are no really old ones yet ...

                                  • 14. Re: Cisco ASA 5510 which one to buy?
                                    Juergen Ilse CCNA R&S

                                    Cisco_Jedi_Prodigy schrieb:

                                     

                                    Also, do you know if I will be able to launch the ASDM/GUI once I am actually able to add a ASA device in GNS3? Any help is appreciated!

                                    It is possible to run ASAv images in qemu (that is the way, GNS3 supports ASAv).But without a valid license, it is restricted to very poor throughput (enough for a lab, but unuseable in a production environment).

                                    1 2 Previous Next