09-08-2011 06:33 AM - edited 03-09-2019 11:39 PM
I am currently studying for my CCNP Security but will later move on to CCIE. I have the oportunity to get my hands on some very cheap 1841 routers now, but before I go buying stuff I would like to know what would be a good setup for CCNP Security study with the possibility of going to CCIE.
Also I have been eyeing an ASA 5505 Appliance with image ASA5505-BUN-K9, will this be sufficient or should I go for the 5510?
Would appreciate any advice on setting up this lab, preferably not too expensive.
Thanks
09-12-2011 01:16 PM
Hello Marius!
I am in the same boat as you. I have been struggling with trying to create a virtual environment within GNS3 software. What a pain THAT has been. I finally got it configured, but SDM's features dont all work. It might be the IOS, just haven't wanted to troubleshoot..need to let myself calm down for a couple days
Anyway, I was looking for purchasing a couple routers for my lab as well. I'm currently deployed overseas, so I've been avoiding it as I really dont have room in my quarters for some routers, etc. I can use them at work at least, so that might be the answer for me. But, in doing research, 1841's are listed at acceptable for use with SDM on Cisco's website here:
It has to have IOS 12.3(8)T4 or later.
I've been looking at 2610XMs myself...
Hope this helps!
09-12-2011 11:09 PM
I have gotten GNS3 working and it was fine when I did Routing and Switching. The problem with GNS3 is that many commands are missing (especially on the switches). I am guessing that it is because a 15 port router is used to simulate a switch. also am having issues getting ASA to work in GNS3 as I have been unable to "unpack" the IOS image I currently have to retrieve the initrd and kernel.
What I am currently looking at getting is 2 x 1841 routers, 2 x ASA 5510, and 2 x 3560 switches with EMI image.
Any comments about this setup for security study? Pros, cons...etc.
thanks,
09-13-2011 07:16 AM
If you want to test failover you'd need 2 ASA5510.
I wouldn't recommend 5505 since IOS commands differ "greatly" from the ASA5510 ones.
Also don't forget that CCNP Security includes IPS, and the exam is very difficult if you've never worked or trained with the SDM for IPS (it differs from ASDM pretty much).
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: