Netscreen vs. Cisco ASA

Discussion in 'Cisco' started by Andreas Heinzelmann, Aug 30, 2007.

  1. Hi there!

    I just wanted to get some advice.

    I have to set up 10 dial-up-VPNs (IPSec) to our corporate network. The
    available Hardware Platform is a Juniper NS5GT with which I have no
    experience at all.
    On the other hand I could use a Cisco ASA Appliance (probably the 5505).

    So could you please give me some pros and cons about the two systems? I
    would really appreciate it.

    Thanks....Andy

    P.S. I have some Cisco experience (CCNA Level)
     
    Andreas Heinzelmann, Aug 30, 2007
    #1
    1. Advertising

  2. * Andreas Heinzelmann wrote:
    > So could you please give me some pros and cons about the two systems? I
    > would really appreciate it.


    Choose the system you can work with. Your Cisco IOS experience is not that
    helpful on ASA, but it might cut down the learning step.
     
    Lutz Donnerhacke, Aug 30, 2007
    #2
    1. Advertising

  3. Andreas Heinzelmann

    Guest

    Andreas Heinzelmann <> wrote:
    > Hi there!
    >
    > I just wanted to get some advice.
    >
    > I have to set up 10 dial-up-VPNs (IPSec) to our corporate network. The
    > available Hardware Platform is a Juniper NS5GT with which I have no
    > experience at all.
    > On the other hand I could use a Cisco ASA Appliance (probably the 5505)..


    The 5GT might be just a bit too small for the task, since the standard
    license only gives you 10 tunnels to work with. So if you plan to expand
    on the number of tunnels in the near future you either need an extended
    license for the box, or a bigger box with higher limits.

    The 5GTs basically come in 3 flavors:

    License Users Sessions Tunnels
    10-user 10 2000 10
    Plus unlim 2000 10
    Extd. unlim 4000 25

    ("get license" on the cli will get you the license and limits on the box)

    If you plan to do granular acls you might also hit the 5GT limit of 100
    acls.

    > So could you please give me some pros and cons about the two systems? I
    > would really appreciate it.


    Myself, I find the PIX syntax somewhat arcane and unintuitive. YMMV
    though. The Netscreens are IMHO straight forward to configure. But as
    Lutz wrote, use the box you can work with best _and_ that fits the
    requirements.

    > Thanks....Andy


    Ciao Chris
    --
    All diese Momente werden verloren sein in der Zeit, so wie Tränen im Regen
    Dipl-Ing (FH) Christian 'Dr. Disk' Hechelmann <> IRC: DrDisk
    GPG Fingerprint: 53BF634B 28326F92 79651A15 F84ABB55 4F068E4E
    Ich finde, scharfe Waffen und "Feuer nach eigenem Ermessen" sollte zum
    Adminjob dazugehören. [Lars Marowsky-Bree in d.a.s.r]
     
    , Sep 3, 2007
    #3
  4. writes:
    >Andreas Heinzelmann <> wrote:
    >> Hi there!
    >>=20
    >> I just wanted to get some advice.
    >>=20
    >> I have to set up 10 dial-up-VPNs (IPSec) to our corporate network. The
    >> available Hardware Platform is a Juniper NS5GT with which I have no
    >> experience at all.
    >> On the other hand I could use a Cisco ASA Appliance (probably the 5505)=

    >.


    >The 5GT might be just a bit too small for the task, since the standard
    >license only gives you 10 tunnels to work with. So if you plan to expand
    >on the number of tunnels in the near future you either need an extended
    >license for the box, or a bigger box with higher limits.


    FWIW: dialup VPNs don't usually use tunnels in Netscreen terminology.
    The 10 tunnel limit is more along the lines of site-to-site VPNs.

    I usually use up the limited session counts on the 5GT before anything else.
     
    Doug McIntyre, Sep 4, 2007
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Road Rage
    Replies:
    0
    Views:
    1,674
    Road Rage
    May 11, 2005
  2. Replies:
    2
    Views:
    5,493
    slimordium
    Jan 29, 2008
  3. Dil
    Replies:
    0
    Views:
    1,051
  4. Bart
    Replies:
    1
    Views:
    1,199
    bod43
    Jun 11, 2009
  5. ozoubi
    Replies:
    0
    Views:
    894
    ozoubi
    Sep 23, 2010
Loading...

Share This Page