Our office currently uses a dated Pix 501 to allow VPN connections. We have the option to upgrade to an ASA, but I'm wondering first if Pix are known to work with Macs? We've recently setup a Xserve storage array and need to get people remote access.
An alternative might be to setup VPN on an Xserve, but we don't have any additional public IPs available. Would it be a problem switch the port it runs under?
Best Answer
The newer versions of the software that are available in ASA units (with PIX 501 you're stuck with 6.3) have certain features that might make the upgrade worthwhile. However, none of them improves anything specific to OS X. PIXes can protect Macs, they can allow Macs to connect as VPN clients, you can use a Mac to manage your PIX - so all bases are covered.
So, if you want SSL VPN, or routing traffic out the same interface it arrived, or anything else you get in version 7 or 8 - get an ASA. If, however, you have no idea what I'm talking about, you can safely stay with the PIX.