08-25-2012 09:47 AM - edited 03-04-2019 05:22 PM
Hello!
I'm looking for help in selecting a router for a new home I am working in. I am installing a home automation system and the project has expanded into networking. I am fairly familiar with networking, but need some help selecting the hardware I need to get the job done.
The customer will have a cable connection coming in. To be future proof I want NAT and firewall throughput to be at least 300mbps. It would also be nice to have either a second WAN interface built in, or at least the ability to add a second.
The router needs to support 802.1Q VLANS but I need "granular" inter-VLAN routing. The routers I have had experience with so far have inter-VLAN routing, but its all or nothing. I want to be able to route only certain ports to specific IPs.
For example
10.0.0.0/24 - "Internal Net" VLAN 1
10.0.1.0/24 - "Guest WiFi" VLAN 2
I have a web server at 10.0.0.2, I want clients on the guest wifi to be able to reach 10.0.0.2 on port 80 only. I will have printers and other things as well I will want to open up ports for as well.
I would also like the router to have built in support for VPN connections for remote access to the homes network.
Thanks for the recommendations!
Also, if there is another brand of hardware you think would be better suited, I am open to that as well.
08-25-2012 10:00 AM
Considered the throghoutput, the need for VPN and VLAN you need to go on a gigabit capable router.
I would select an ISR-G2 with Security license.
Try Cisco 1921 or 1941 with SEC-K9 license ....
Dual Gigabit router with accelerated VPN engine. These are also modular so you can add interfaces if needed.
I would also recommand thinking about what switch are you going to couple with it (3560C?)
Cheers
Fabio
08-25-2012 06:44 PM
To be future proof I want NAT and firewall throughput to be at least 300mbps.
And 300 Mbps is in full duplex and running full encryption, I suppose?
If this is so, then 3945E (not to be confused with the non-E) should have enough grunt to push 300 Mbps (full duplex and full encryption).
08-25-2012 11:19 PM
Hello leolaohoo,
bigger is better:-)
But he said home router a 3945E goes for over $9000 while a 1921 for less than 1000 a 1:10 cost ratio .....
Also consider the noise and the power in a home environment.
But I am onlye guessing ....
Fabio
08-25-2012 11:54 PM
But he said home router a 3945E goes for over $9000 while a 1921 for less than 1000 a 1:10 cost ratio
I agree Fabio, however, a 1900 ISR G2 will find difficulties in pushing 300 Mbps (full duplex and full encryption) worth of traffic.
08-26-2012 12:55 AM
leolaohoo wrote:
But he said home router a 3945E goes for over $9000 while a 1921 for less than 1000 a 1:10 cost ratioI agree Fabio, however, a 1900 ISR G2 will find difficulties in pushing 300 Mbps (full duplex and full encryption) worth of traffic.
Concur however,
he said Home router and considering that even in the states, using FIOS fiber to the home the best you can get is 50 Mbps with standard at 25 Mbps (and we are talking dynamic IP address) 300 Mbps are kind of an overkill in the WAN domain. That is why I was suggesting a L3 Gigabit Switch to go along with the 1921 ($1000+$600 gives the performance he might need in the LAN domain from the layer 3 switch and the speed he needs in the WAN domain from the ISR G2 router.
If he needs to run VPN between (V)LANs, the whole HOME paradigm will fall and then the budget might as well be for the 3945E.
Cheers
Fabio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide