CCNA Video Training Series

Instant Access, Web or Mobile!

Only $99 for 30 days...
Renew at half price!

Buy/Renew

Includes FREE Practice Exams!

Member Login

Lost your password?

Not a member yet? Sign Up!

Official Lammle User Forum

Results 1 to 13 of 13
  1. #1
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default Upcoming Project: Migrate from Checkpoint to ASA 5510

    I originally posted this under the Announcements heading, under my thread Moving To Texas.
    -------------------------------
    I just discovered that one of my projects will be to phase out an old CheckPoint Firewall machine and move that functionality into an ASA 5510.

    I briefly watched a couple of youtube videos on ASA configuration the other day. I'll have to go back and pay more attention. Looks like it's very similar to regular CLI stuff, with, of course, its own specific commands.

    I'll have to focus in on NAT and VPN configuration also.

    Anybody have some bits of info to share regarding ASA's? A good book? Ever replaced a CheckPoint machine with an ASA?


    This should be fun!
    I thought I was wrong once. But, of course, I was wrong.

  2. #2
    Join Date
    Mar 2008
    Posts
    2,887

    Default

    Funny enough i have done it the other way around!

    This may help you mate -

    http://www.networkworld.com/community/node/25312

    There is some differences in syntax with the ASA CLI, but most stuff is clear.
    Good luck.
    Maddox Thomas-Clark 14/10/2008
    Bean Thomas-Clark 18/09/2007
    Big Evils Cisco World
    Linkedin

  3. #3
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default

    So... just curious how much difference there is between an ASA 5505 and 5510.

    Is the 5510 basically just beefier, more powerful, etc. And is the configration basically the same in both?

    I ask becuase I can get an ASA 5505 a lot cheaper than a 5510. And I might add a 5505 to my home lab for testing and familiarization , etc.


    Side note: less than 2 weeks and I'll be back in Texas looking for a car (looking at the Subaru Forester 2.5 XT Touring) and a place to live and then starting the new job in April.
    I thought I was wrong once. But, of course, I was wrong.

  4. #4
    Join Date
    Mar 2008
    Posts
    2,887

    Default

    Depending on the model of 5505 (ltd, unltd or ext). But for the most part -

    Compliant Standards
    Flash size
    Ram
    Ports
    Throughput
    How many IPsec VPN
    How many SSL VPN
    Concurrent sessions
    VL's

    Enjoy TX!
    Maddox Thomas-Clark 14/10/2008
    Bean Thomas-Clark 18/09/2007
    Big Evils Cisco World
    Linkedin

  5. #5
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default

    Thanks BE...

    So, I guess my assumption is right then. I can get a 5505 to learn and that learning will directly translate into the use of a 5510... unless 'compliant standards' are significantly different, I reckon.

    I was looking at this:
    http://www.cablesandkits.com/cisco-a...ew-p-1349.html

    They also have the 'unlimited' version for a couple hundred bucks more. Don't know that I want to spend that much money on it though.

    Also, if I want to set up a 'test VPN' between a 'test partner' and a 'test company' in a lab, I guess I would need 2 of the ASA's, eh?
    I thought I was wrong once. But, of course, I was wrong.

  6. #6
    Join Date
    Mar 2008
    Posts
    2,887

    Default

    Yeah - but i would rather lab an ASA to a router or other FW vendor. ASA to ASA is going to be the same at both end config wise. If you can get that knowledge/skill on setting up different vendor to each other you will rule the known earth!
    Maddox Thomas-Clark 14/10/2008
    Bean Thomas-Clark 18/09/2007
    Big Evils Cisco World
    Linkedin

  7. #7
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default

    Ah... good point.

    Thanks.
    I thought I was wrong once. But, of course, I was wrong.

  8. #8
    Join Date
    Dec 2010
    Location
    Left Coast, California
    Posts
    306

    Default

    packetlife.net has two 5505's in there lab network.
    Kevin NET+SEC+A+CCNA
    'All that is not eternal is eternally out of date' ~ C.S. Lewis

  9. #9
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default

    So... just got my shiny new, discounted ASA5505 V09.

    BUT... What thu...????

    What sort of power connector is this? It has a fuse in it. I am assuming it is some sort of 'foreign' power connector. Should I be able to find an adapter to convert that 3 prong configuration to a standard U.S. 3 pong connector?


    Attached Images Attached Images
    I thought I was wrong once. But, of course, I was wrong.

  10. #10
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default

    Hmmm... Ok, looks like a UK style plug. I see there are UK to US power adapters around. I assume I can simply plug this one into the little adapter, plug that into the wall... an no magic smoke will exit the ASA.
    I thought I was wrong once. But, of course, I was wrong.

  11. #11
    Join Date
    Mar 2008
    Posts
    2,887

    Default

    Foreign plug wft? Look normal to me! LOL....
    Yeah either cut the "foreign" one off the end and replace with one that suits the country or just swap the whole cable part that is S shaped.

    When i used to work with ASA - most of ours come direct from Mexico and we had to buy boxes of UK power cables.
    Maddox Thomas-Clark 14/10/2008
    Bean Thomas-Clark 18/09/2007
    Big Evils Cisco World
    Linkedin

  12. #12
    Join Date
    Nov 2007
    Location
    Kwaj
    Posts
    325

    Default

    Wow... I actually have the job now. Now, among other tasks... have to convert the checkpoint firewall to asa firewall.. The main thing... don't screw up the in-place VPN!

    I thought I was wrong once. But, of course, I was wrong.

  13. #13
    Join Date
    Mar 2008
    Posts
    2,887

    Default

    Not a problem for you mate - and easy job. Best of luck.
    Maddox Thomas-Clark 14/10/2008
    Bean Thomas-Clark 18/09/2007
    Big Evils Cisco World
    Linkedin

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Powering down ASA 5510
    By bs_kwaj in forum PIX and ASA
    Replies: 2
    Last Post: 05-17-2012, 02:22 PM
  2. My First Real World WLAN Project
    By Saman in forum Questions and Comments
    Replies: 1
    Last Post: 06-01-2011, 06:31 PM
  3. ccna project help
    By gurpreetbangi in forum General Questions (Any Chapter)
    Replies: 0
    Last Post: 04-06-2011, 09:41 AM
  4. make a project on IPv6
    By baljeet in forum TCP / IP
    Replies: 4
    Last Post: 02-15-2010, 12:49 PM
  5. Networking Project
    By mallikarjunarao in forum Routing
    Replies: 4
    Last Post: 12-31-2008, 01:09 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •