RE: Product number/description for ASA

From: muhtari.adanan@bt.com
Date: Wed Jun 25 2008 - 07:35:40 ART

• Next message: Almog Ohayon: "Real Lab Exam Questions"
• Previous message: Luan M Nguyen: "RE: Re: Reviews for Narbik's bootcamp"
• Maybe in reply to: Ajay mehra: "Product number/description for ASA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

How does one unsubscribe from this forum?

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Brian McGahan
Sent: 25 June 2008 06:21
To: Ajay mehra
Cc: Cisco certification; security@groupstudy.com
Subject: Re: Product number/description for ASA

Hi Ajay,

    If they are paying then the more the merrier ;) Otherwise make sure
to rent some rack time later in your preparation to cover active/standby
and active/active failover, as these can be tricky configurations that
can leave your network non-functional if you don't know the correct
order that it needs to be implemented in.

HTH,

Brian McGahan, CCIE #8593 (R&S/SP/Security)
bmcgahan@internetworkexpert.com <mailto:bmcgahan@internetworkexpert.com>
 
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

Ajay mehra wrote:
> Thanks Brian for making it clear.
>
> To be precise my employer is buying one ASA for me. I could convince
> him on buying at least one but not all the CCIE security devices.
> Depending upon the equipments availability in my project lab I am
> planning to build minimum possible labs referring to IE VOL 1 and then

> use rack rentals for rest of the VOL 1 and VOL 2.
>
>
> Thanks ,
> Ajay
>
>
> On 24/06/2008, Brian McGahan <bmcgahan@internetworkexpert.com> wrote:
>
>> The part number is ASA5510-SEC-BUN-K9. You need the security plus
>> feature set to run active/active failover for multiple context mode,
>> which is a very important feature to learn during your preparation.
>> Honestly you may consider using rack rentals instead of buying
>> equipment for the security exam, as these ASAs can run you about
>> $3000 USD apiece with this feature set.
>>
>> If you do end up buying them make sure you don't make the mistake of
>> buying ASA5510-BUN-K9, as it cannot run the feature set you need, and

>> it's not like an IOS router where you can just upgrade the code. The

>> feature set is based on an activation code for your individual serial

>> number that you have to get from cisco.com. If you're weary about
>> your seller for it get the output from the show version from them,
like below. Make sure that it says "Failover:
>> Active/Active" and "Security Contexts: 2" or a number higher than 2.
>>
>>
>> ciscoasa# show version
>>
>> Cisco Adaptive Security Appliance Software Version 7.2(3) Device
>> Manager Version 5.2(2)
>>
>> Compiled on Wed 15-Aug-07 16:08 by builders System image file is
>> "disk0:/asa723-k8.bin"
>> Config file at boot was "startup-config"
>>
>> ciscoasa up 1 hour 20 mins
>>
>> Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
>> Internal ATA Compact Flash, 256MB
>> BIOS Flash M50FW080 @ 0xffe00000, 1024KB
>>
>> Encryption hardware device : Cisco ASA-55x0 on-board accelerator
>> (revision
>> 0x0)
>> Boot microcode :
CNlite-MC-Boot-Cisco-1.2
>> SSL/IKE microcode:
CNlite-MC-IPSEC-Admin-3.03
>> IPSec microcode :
CNlite-MC-IPSECm-MAIN-2.04
>> 0: Ext: Ethernet0/0 : address is 001b.d46e.3f48, irq 9
>> 1: Ext: Ethernet0/1 : address is 001b.d46e.3f49, irq 9
>> 2: Ext: Ethernet0/2 : address is 001b.d46e.3f4a, irq 9
>> 3: Ext: Ethernet0/3 : address is 001b.d46e.3f4b, irq 9
>> 4: Ext: Management0/0 : address is 001b.d46e.3f47, irq 11
>> 5: Int: Not used : irq 11
>> 6: Int: Not used : irq 5
>>
>> Licensed features for this platform:
>> Maximum Physical Interfaces : Unlimited
>> Maximum VLANs : 100
>> Inside Hosts : Unlimited
>> Failover : Active/Active
>> VPN-DES : Enabled
>> VPN-3DES-AES : Enabled
>> Security Contexts : 2
>> GTP/GPRS : Disabled
>> VPN Peers : 250
>> WebVPN Peers : 2
>>
>> This platform has an ASA 5510 Security Plus license.
>>
>> Serial Number: xxxxxxxxx
>> Running Activation Key: xxxxxxx
>> Configuration register is 0x1
>> Configuration has not been modified since last system restart.
>> ciscoasa#
>>
>>
>> Good luck!
>>
>> Brian McGahan, CCIE #8593 (R&S/SP/Security)
>> bmcgahan@internetworkexpert.com
>>
>> Internetwork Expert, Inc.
>> http://www.InternetworkExpert.com
>> <http://www.internetworkexpert.com/>
>> Toll Free: 877-224-8987 x 705
>> Outside US: 775-826-4344 x 705
>> 24/7 Support: http://forum.internetworkexpert.com
>> Live Chat: http://www.internetworkexpert.com/chat/
>>
>>
>>
>> Ajay mehra wrote:
>>
>> Hi Guys,
>>
>> I am planning to order ASAs for my CCIE security lab but I am not
>> sure which one to buy. Can anyone please let me know the exact
>> product number and description of ASA device being used in IE labs? I

>> am planning to build my topology similar to them. Their topology
>> diagram says ASA 5510 but what is the product number to fill the
minimum requirements.
>>
>> Thanks,
>> Ajay
>>
>>
>> _____________________________________________________________________
>> __ Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

• Next message: Almog Ohayon: "Real Lab Exam Questions"
• Previous message: Luan M Nguyen: "RE: Re: Reviews for Narbik's bootcamp"
• Maybe in reply to: Ajay mehra: "Product number/description for ASA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:23 ART