Cisco Cisco Catalyst 6500 Series 7600 Series ASA Services Module Notas de publicación
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
4
Release Notes for the Cisco ASA Series, Version 9.0(x)
System Requirements
router-id 172.18.0.2
network 172.18.0.0 255.255.255.0 area 0
log-adj-changes
neighbor 172.18.0.7 interface core
•
(ASA 5510, ASA 5520, ASA 5540, and ASA 5550 only) We strongly recommend that you enable
hardware processing using the crypto engine large-mod-accel command instead of software for
large modulus operations such as 2048-bit certificates and DH5 keys. If you continue to use software
processing for large keys, you could experience significant performance degradation due to slow
session establishment for IPsec and SSL VPN connections. We recommend that you initially enable
hardware processing during a low-use or maintenance period to minimize a temporary packet loss
that can occur during the transition of processing from software to hardware.
hardware processing using the crypto engine large-mod-accel command instead of software for
large modulus operations such as 2048-bit certificates and DH5 keys. If you continue to use software
processing for large keys, you could experience significant performance degradation due to slow
session establishment for IPsec and SSL VPN connections. We recommend that you initially enable
hardware processing during a low-use or maintenance period to minimize a temporary packet loss
that can occur during the transition of processing from software to hardware.
Note
For the ASA 5540 and ASA 5550 using SSL VPN, in specific load conditions, you may want
to continue to use software processing for large keys. If VPN sessions are added very slowly
and the ASA runs at capacity, then the negative impact to data throughput is larger than the
positive impact for session establishment.
to continue to use software processing for large keys. If VPN sessions are added very slowly
and the ASA runs at capacity, then the negative impact to data throughput is larger than the
positive impact for session establishment.
The ASA 5580/5585-X platforms already integrate this capability; therefore, crypto engine
commands are not applicable on these platforms.
commands are not applicable on these platforms.
•
Only users with a privilege level of 15 may copy files to the ASA using the secure copy protocol
(SCP).
(SCP).
System Requirements
For information about ASA/ASDM requirements and compatibility, see Cisco ASA Compatibility:
For VPN compatibility, see the Supported VPN Platforms, Cisco ASA 5500 Series:
New Features
•
•
•
•
Note
New, changed, and deprecated syslog messages are listed in the syslog message guide.
New Features in Version 9.0(4)
Released: December 5, 2013
There are no new features in Version 9.0(4).