Why I never use Cisco ASAs for Site to Site VPNs

  • ASAs don’t support virtual interfaces for tunnels the way IOS Routers do.
  • ASAs don’t allow for running Dynamic Routing protocols over VPN tunnels.
  • ASAs don’t allow for overlapping crypto map statements.
  • ASAs don’t allow to pin VPN tunnels to different tenants

But yeah, let’s use Cisco ASAs for all our VPN tunnels.  Great idea.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s