[c-nsp] Hardware for 'managed firewall'

christian christian at automatick.net
Tue Sep 29 23:34:06 EDT 2009


netscreen management (cli/NSM) is one of the worst i've ever encountered

as far as the topic at hand - i agree w/ Justin's comments - what i've
done in past is FWSM's in the chassis and a pair of asa's for vpn
termination

On Tue, Sep 29, 2009 at 8:23 PM, Dave Weis <djweis at internetsolver.com> wrote:
>
> On Wed, 30 Sep 2009, David Hughes wrote:
>>
>> On 30/09/2009, at 7:08 AM, Dave Weis wrote:
>>>
>>> On Tue, 29 Sep 2009, Christopher Hunt wrote:
>>>>
>>>> As I painfully discovered, the Cisco ASA in Multiple Context mode does
>>>> not support IPSEC VPN clients nor L2TP3 tunnels
>>>
>>> That's a pretty big omission! Any ETA to add that capability?
>>
>> Yeah, they've never supported VPN in multi-context mode.  Major pain.  And
>> if you are a dense hosting provider the 50 context limit (and limited
>> performance) of a 5540 for example doesn't work too well.  These issues made
>> us look around again and J-Vendor's boxes are making the ASA's look a bit
>> ordinary.
>
> I never enjoyed working on the netscreens. I suppose if each virtual
> firewall customer could get the same awkward web interface for self
> provisioning it could be made to work.
>
> --
> Dave Weis
> djweis at internetsolver.com
> http://www.internetsolver.com/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list