cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

258
Views
5
Helpful
1
Replies
Highlighted
Beginner

IS RV260P the right choice?


Hi Everyone,
I plan to enhance my home (private) network configuration. I'm not sure of which hardware to choose, that's why I'm turning to you, the CISCO community.

 

The final configuration will be as follow:
- 1 connection to the ISP (Internet) with 1 single public, dynamic IP address at disposal (DHCP, the IP address may change over the time). This is fix, I cannot change this.
- 1 private subnet for all PCs, tablets and smartphones, could be separated in 2 subnets in the future
- 1 DMZ with the possibility to connect more than one server.
- The DMZ subnet is different from the private subnet
- 1 router/FW
- 1 Wifi access Point (separated hardware through PoE)

 

To me, the router/FW must perform the following:
1. NAT between ISP and private subnet
2. NAT between ISP and DMZ subnet
3. DHCP server for private subnet
4. optional: DHCP for DMZ
5. "Fix DHCP": IP address reservation through MAC Address on private subnet, optional on DMZ subnet
6. DDNS support
7. allows communication from private subnet to ISP
8. allows communication from private subnet to DMZ
9. Deny communication from ISP to private subnet
10. Deny communication from DMZ to private subnet
11. allows communication from ISP to DMZ but only for some services (e.g.: http, ftp, self defined port,...)

 

My idea is to buy one CISCO RV260P router.
My questions are:
- does the RV260P router fulfil the needs? I think points 1,3,5,6 above are ok, I don't know for the others.
- should I use the "hardware DMZ" functionality or should I define 2 VLANS, one for the private subnet and one for the DMZ subnet + defining ACL in the FW section?
- Any other suggestion?
- more generally, what is the "Inter-VLAN routing" option when defining VLANS? If enabled, does it allow communication between PCs one both VLANS or is it something else?

I thank you in advance for your support.
Sincerely,
Manuel

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Expert

Re: IS RV260P the right choice?

Hello MW12,

you can check all of your questions by reading the configuration guide for the RV260P here:

 

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/RV260/Admin_Guide/b_RV260x_AG.pdf

 

about your questions:

inter Vlan routing means allowing routing between different Vlans in your case the private Vlan and the DMZ Vlan for example.

The firewall feature can provide access rules between the different Vlans as required.

 

The device supports POE verify how much power is required by your access point to be sure the router can provide the necessary power.

pag 57 of the above guide explains how to configure per Port POE, default settings is 15 W, max 30 W.

 

Regarding your list I would say:

1-3 yes supported by firewall feature see pag.77 and following

4 supported

5   see the static DHCP feature on page 60 it is what you want.

6 DDNS yes see pag 52 of the guide

7-11 yes with firewall feature with appropriate access rules configured see firewall section page 77

 

Hope to help

Giuseppe

 

 

 

 

1 REPLY 1
Hall of Fame Expert

Re: IS RV260P the right choice?

Hello MW12,

you can check all of your questions by reading the configuration guide for the RV260P here:

 

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/RV260/Admin_Guide/b_RV260x_AG.pdf

 

about your questions:

inter Vlan routing means allowing routing between different Vlans in your case the private Vlan and the DMZ Vlan for example.

The firewall feature can provide access rules between the different Vlans as required.

 

The device supports POE verify how much power is required by your access point to be sure the router can provide the necessary power.

pag 57 of the above guide explains how to configure per Port POE, default settings is 15 W, max 30 W.

 

Regarding your list I would say:

1-3 yes supported by firewall feature see pag.77 and following

4 supported

5   see the static DHCP feature on page 60 it is what you want.

6 DDNS yes see pag 52 of the guide

7-11 yes with firewall feature with appropriate access rules configured see firewall section page 77

 

Hope to help

Giuseppe

 

 

 

 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards