Looking to upgrade my 5505 FW to 5506 X

Hello,

Have been thinking of upgrading my 5505 FW to a 5506X, and coincidentally, I am now having problems with the ICMP. The FW suddenly stopped blocking pings and everything seems like if they are hanging on the internet. Now all servers are pingable from both outside and inside. I have reviewed everything in the ASDM, but I am afraid to restart the FW, for fear that it may not boot up, or even more things could be wrong which will only show up after a reboot.

I am not a specialist in FW. So any expert advice will help me a great deal.
The second thing is I will like to know if i can use the same FW to create a DMZ with my two DNS servers on it with all my servers on the inside network and NAT them through to the outside as I have now. Is that the most reliable way to go about it. I am willing to spend a bit extra to have a setup with two FW's running as Active  Active. What all will i need to accomplish this setup?
Thank you in advance

Richard
Richard ThomasAsked:
Who is Participating?
 
SIM50Connect With a Mentor Commented:
Have been thinking of upgrading my 5505 FW to a 5506X, and coincidentally, I am now having problems with the ICMP. The FW suddenly stopped blocking pings and everything seems like if they are hanging on the internet. Now all servers are pingable from both outside and inside. I have reviewed everything in the ASDM, but I am afraid to restart the FW, for fear that it may not boot up, or even more things could be wrong which will only show up after a reboot.

Can you post sanitized config?

The second thing is I will like to know if i can use the same FW to create a DMZ with my two DNS servers on it with all my servers on the inside network and NAT them through to the outside as I have now.

Yes. Instead of VLAN interfaces, you will have to configure physical ports. ASA5506X has all routed ports.

I am willing to spend a bit extra to have a setup with two FW's running as Active  Active.

Contexts are not supported in ASA5506X so you can't have active/active failover cluster. You can only have active/standby.
0
 
SIM50Commented:
Answered.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.