Hi folks,
We decided to replace a pair of 5510 we use only for customer vpn using anyconnect and ipsec tunnel because they're missing some required ciphering.
And we choose for this job a new pair of 5508-X . You don't change a winning team !
After some test, we found that FTD don't perform etherchannel and failover without a FMC that we didn't purchase. And we found that Firepower services for ASA sucks in failover environment.
So now, we're are back to our good old friend: ASA and ASDM.
I'm planning to recreate and redeploy all our anyconnect configuration using scripts and probably Ansible as I am used to it.
The REST api look promising, but I found some bad review concerning it that bother me.
So, my question is :
Do some of you perform automation on Cisco ASA and if yes, do you prefer to use the CLI or the REST api ? any pros/cons on both will help me choose before start from scratch this project.
Thanks !
No comments:
Post a Comment