Cisco ASA site to site setup
Posted on 2011-10-17
Here is my current scenario. I have a Dallas sales office which has a domain controller and 10 computers. The Dallas site is connected to our main office (CFA) by a T1. Also, the Dallas site has a DSL modem just in case the T1 fails. The Dallas users simply VPN over the DSL connection to our Sonicwall VPN device if the T1 fails.
What I plan to do is to eliminate the T1 connection by buying an ASA 5510 and an ASA 5505. The 5510 will be located at CFA while the 5505 will be installed at the Dallas site. Also, our parent company is located in Japan. We use an AT&T Netgate router for secure connections from CFA to Japan. To eliminate the Netgate we thought about purchasing an ASA router for Japan as well.
My question is this, "Is my proposed setup correct?" The reasoning for the 5510 is it allows for more VPN site to site connections than the 5505. However, I will only have at the most three site to site connectons (one to Dallas, one to Japan, and another connection to a sister company). Also, if we get rid of the T1 connection, would there be a redundant Internet connection if the site to site connection failed? I would still have the DSL modem in place so I would guess that this would be my fail over plan if one of the ASA routers failed out.
At this time, I have not purchased the ASA routers. If you believe there is a more superior product than the ASAs then please share your thoughts and give some real world examples of how it helped you or another IT professional accomplish their goals. Thanks for your time.