cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6472
Views
16
Helpful
16
Replies

3 WAN Connections on a Router

Hi everyone,

We are having 3 internet connections coming in to one of our customer's main offices for redundancy and etc. I would like to replace the 3 routers with a one for easier support and management. One of the connections is an ADSL and the other 2 are leased lines so they terminate with an RJ45 connection.

Would something like a Cisco 2911 + HWIC ADSL card be sufficient enough or would you recommend something else?

Many thanks,

Dmitry

16 Replies 16

paolo bevilacqua
Hall of Fame
Hall of Fame

That is fine, even a 2901 or even a 19xx works for that.

Thank you,

Would you suggest an ASA firewall behind that as well or simply get a license for an IPS on that router?

No ASA is required neither recommendable where you have a router. That is because the  router can optionally be configured to be a firewall, moreover its much easier to configure and troubleshoot, it has much much more features, and it doesn't have all the confusing licensing requirements as the ASA.

Hi,

The answer depends on the other factors such as the bandwidth of the links, the configuration (e.g encryption, packet compression, ip cef enabled, access-lists, nat) etc.

You can check the product routing performance of cisco routers to the next link

http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf

Hope that helps,

Vasilis

Ideally a firewall for the best overall performance and future growth?

This is also depends on the money that you can spend and future needs...

Definetely an ASA is preffered over a router with FWL capabilites.

This would reduce the load of you router, improve the performance and can have additional security features

The customer is now looking to get 3 leased lines, normally they provide a cisco router with a leased line. I guess my question would be then if they just need an ASA rather than a router?

A router it's a device designed to route packets, meanwhile a firewall it's designed to filter traffic.

Moreover, a router has normally interfaces that a firewall does not have. It's hard to find a firewall with ATM or Serial interfaces to connect it to the WAN. So, in such cases you'll need a router l to connect your network to the ISP.

Hope that helps,

Vasilis

Thank you Vasileios, but if I have 3 routers already provided by the ISP and their are Cisco 2911s then I would need to get an ASA to do the route decisions and traffic filtering and etc?

Customer would use one line for general internet, second for site-to-site VPN and 3rd as a backup.

Regards,

Dmitry

In this setup and  if you have to use the three routers, a solution to add a FWL connected to the routers which will be  responsible to filter the traffic and provide basic routiing towards the 3 routers seems ok.

Just consider, since the resilience is critical for your customer according to your post if you need to have to  2 FWLs for

redundancy.

HTH,

Vasilis

.

What is an FWL?

This is what the customer says:

We currently have one from eclipse which is a Cisco (The same as what you quoted us for). However, we aren't allowed any management access to this, so I assume it will be the same kind of thing.

What we are generally looking for is a router that can support all 3 connections, so if a connection goes down it switches to the next one automatically.

We have had some issues here the past few days, our gateway server went down yesterday and had to be re-built, which meant we had no internet all day.

That is the reason my manager is now pushing to get things upgraded, as we cannot afford outages such as that to happen.

When you have multiple conenctions and want advanced routing and features, use a router not a firewall.

And also for security, a router is safe as a firewall is.