Cisco recently has made a small step to improve ASA and has implemented logical tunnels, what means we got route based VPN! Really? Did we? Not so fast. Yes, we got route based VPN but still we have to add routes manually.
NAT on ASA differs to NAT on IOS routers regarding configuration.At first glance may seems to be very confusing, but as we see in a while the crucial is understanding where particular types of NAT take place, then configuration is not so hard.
Regarding Fault Tolerance ASA provides 2 solutions: Active/Standby and Active/Active. Whereas Active/Standby is simple in use Active/Active provides not only redundancy but load sharing as well. On the other hand, requires more expansive license. Anyway, in this article we will compare them and see how to configure.
Multiple Context on ASA provides the highest level of virtualization, within one single chassis we get 2 virtual firewalls. Each with separate Data and Plane Control. Idea similar to VRF but in Multiple Context we may share one interface between 2 contexts what makes its more sophisticated.