[c-nsp] Firewalls "as-a-service" in an MPLS infrastructure...
Max Pierson
nmaxpierson at gmail.com
Mon Jul 11 09:17:54 EDT 2011
>In multiple context mode, there is no support for:
>- dynamic routing
Wow, I knew that crypto was dead when you enable it for vFW, and this was a
show stopper for us, but I did not know that dynamic routing was axed as
well when you did this. Glad we decided to go the Fortinet route. Why one
would buy an ASA for simple packet filtering and IDS in a virtual/MPLS setup
is beyond me. Cisco needs to address this. Does anyone know if this is a
hardware limitation or just a bean counter limitation???
-
max
On Mon, Jul 11, 2011 at 3:00 AM, Nick Hilliard <nick at foobar.org> wrote:
> On 09/07/2011 17:22, Derick Winkworth wrote:
> > The ASA I think can support up to 500 contexts now, but with contexts
> enabled
> > I'm hearing there is no crypto support. I'm not sure this is an
> impediment for
> > us but I can see it being an issue for folks.
>
> In multiple context mode, there is no support for:
>
> - dynamic routing
> - ipsec
> - any sort of VPN
> - QoS
> - phone proxy
> - pppoe
>
> Although multiple contexts are something I'd like to use, their limitations
> on ASA are so severe that I don't use them.
>
> Nick
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list