Please feel free to contact us regarding our inventory of refurbished Cisco networking equipment, or if you have any additional questions regarding this ASA5505-BUN-K 8-Port SSL 3DES/AES with Software 10 IPSec VPN Peers Network Security/Firewall Appliance. This Cisco ASA5505-BUN-K 8-Port SSL 3DES/AES with Software 10 IPSec VPN Peers Network Security/Firewall Appliance is in refurbished condition and is fully guaranteed by our 90-day warranty. Virtualization: 10 x Users on the LAN, 10 x IPSec VPN Peer, 2 x SSL VPN Peer, 3000 x Concurrent Session, 25 x SSL VPN Peer, 10000 x Concurrent SessionĪdditional Information: 1 x Security lock slot, 1 x SSC card slot, 2 x PoE ports included Product Type: Network Security/Firewall Applianceįorm Factor: Desktop, Rack-mountable, Wall Mountable Product Name: Asa 5505 8 Port SSL 3DES/AES With Software 10U The Cisco ASA 5505 also provides significant expandability and investment protection through its modular design, similar to the rest of the Cisco ASA 5500 Series, offering both an external expansion slot and multiple USB ports that enable the addition of services in the future. The Cisco ASA 5505 provides two Power over Ethernet (PoE) ports, enabling simplified deployment of Cisco IP phones with zero-touch secure voice over IP (VoIP) capabilities, and deployment of external wireless access points for extended network mobility. The Cisco ASA 5505 features a flexible 8-port 10/100 Fast Ethernet switch, whose ports can be dynamically grouped to create up to three separate VLANs for home, business, and Internet traffic for improved network segmentation and security. Using the integrated Web-based Cisco Adaptive Security Device Manager, the Cisco ASA 5505 can be rapidly deployed and easily managed, enabling businesses to minimize operations costs. Also not supported are deny route-maps.The Cisco ASA 5505 Adaptive Security Appliance is a next-generation, full-featured security appliance for small business, branch office, and enterprise teleworker environments that delivers high-performance firewall, SSL and IPsec VPN, and rich networking services in a modular, "plug-and- play" appliance. I guess you could also do this with set ip default, but that's not supported on the 3550. You can get around it by logically reversing the ACL entries and putting only permit statements in, with routes to EVERY Internet address except for the traffic to be handled by the routing table, but that's some kind of crazy. Two, putting both a deny and a permit in a PBL route-map ACL causes the traffic to be process switched on the 3550, which is terrible. One, I think this is the wrong way to do this and I hate how hacky it feels. I had originally done this with PBR on the 3550, and setting the next-hop router for the traffic to an interface on the 5505, which was trunked up. I'd really like to keep the traffic from vlan 50 and 60 assigned to their own ACLs if possible, and indeed pretty much act like they're layer 2 trunked up to the 5505. The problem is if I do that the ASA sees all traffic coming from the point to point VLAN, and it makes managing ACLs for the two different networks tricky because all of the rules now have to be in one ACL (I think anyway). I think how this would be done is to create a point to point link from the 3550 to the ASA with a /30. If the 3550 wasn't doing Layer 3, I would just trunk the two VLANs up to the 5505 and do all the NAT and ACLs over there. Internet access to both of these is provided by an ASA 5505 that's connected to the Internet on the outside interface. I have a 3550 that's routing between vlans 50 and 60. I've never really played with a switch before, so I'm a little confused how this would work.