Had a 5505 ASA blow up last night (Saturday). Configuring a new FPR-1010-ASA-K9 for the first time (just ran out of 5506 stock), and seeing I cannot use 3DES or above without registering the 1010 with the Smart Portal / getting a token, which appears to only be able to be done with internet connectivity.
Are you #$%k!ng kidding me Cisco? You DO know that many of us work with locations outside of our timezones and like to configure the firewall in it's entirety so the site can just plug in the cables and go without needing to wake us up at 2am because we can't pre-provision the VPN tunnels now right?!
This is going to create an epidemic of DES tunnels everywhere, with the intention of changing them to AES once the firewall is installed. But let's be honest, we know that's not going to happen quickly because, uptime and whatnot.
Christ. Does anyone have a workaround for this?
No comments:
Post a Comment