07-31-2008 12:36 PM - edited 03-03-2019 10:58 PM
I was recently hired by my current company and my boss told me to look into turning our 1841 into a router. Currently, only 1 slot is occupied with a WIC-1DSU-T1. Our PIX 501 firewall currently handles our routing functions.
Can anyone point me into the direction of a WIC or HWIC that we can put into the other slot and let the 1841 handle the routing so the PIX doesn't have too?
Solved! Go to Solution.
07-31-2008 01:20 PM
Okay, so you have the IP Base feature set. This likely does not include the IOS firewall or any crypto (VPN) features. If you have a vendor you get your Cisco gear from I would check into a IOS upgrade. Again, the Advanced Security should be what you want.
07-31-2008 12:39 PM
The Cisco 1841 is already a router. Can you clarify what you want it to route? A network diagram would could also clarify your question.
Jim
07-31-2008 12:49 PM
Hi Jim,
Sorry, routers are not my strong point...I am more of a server guy.
Anyway, we have our T1 coming into the 1841 and then the PIX firewall is connected to one of the Ethernet ports on the 1841. Attached is a diagram. (showing only what you need to see)
Basically, what he told me was, the 1841 is currently acting as a CSU/DSU but he wants it to be a router as well. He wants to implement VLANS.
07-31-2008 01:00 PM
No worries. Thanks for the info. Here are my thoughts.
The diagram shows basically what you are describing. Your 1841 is acting as an edge router. Have you considered dropping the Cisco PIX 501 out of your network and having the 1841 pick up its firewalling responsibilities? What other roles besides firewall is the PIX currently handling? VPN? I ask because with the appropriate IOS feature set the 1841 can easily do all of these jobs depending on traffic loads and such. The problem with having the 1841 be both an edge and internal router and keeping the PIX is that you would need to have the traffic routed twice. Once as outside traffic before the firewall and once again after the firewall has processed it. Rolling all of the functions into one device simplifies this. If you are unfamiliar with Cisco CLI I suggest checking out Cisco SDM as it has some very well designed GUI driven wizards to help you with all of this.
07-31-2008 01:05 PM
Yes, the PIX is acting as a firewall and VPN.
So you think the 1841 could handle all of that? We have a small network ~35 users.
07-31-2008 01:09 PM
Yes, I can confidently say that would be fine for ~35 users. Check out which IOS feature set and version your are currently running. The Advance Security feature set or above should probably include of what you need.
07-31-2008 01:12 PM
I am running IOS version 12.4. Not sure how to check the feature set.
07-31-2008 01:17 PM
show ver
The very first line will report the IOS version along with feature set.
07-31-2008 01:18 PM
Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.4(1c), RELEASE SO
FTWARE (fc1)
07-31-2008 01:20 PM
Okay, so you have the IP Base feature set. This likely does not include the IOS firewall or any crypto (VPN) features. If you have a vendor you get your Cisco gear from I would check into a IOS upgrade. Again, the Advanced Security should be what you want.
07-31-2008 01:22 PM
Ok, thanks alot.
08-04-2008 08:24 AM
what you need is a total reorganisation of your network architecture,I will not really say you should get rid of the router,since you already have it. i will suggest u harden the router by disabling exploitable features and maximize the resources on the pics,ur vpn and basic firewall features. the advantage of doing this is basically to protect ur investments. for the new T1 line all u need is just a hwic that supports T1 eg the VWIC-1MFT-T1 and some other available ones,check cisco http://www.cisco.com/en/US/prod/collateral/routers/ps5853/product_data_sheet0900aecd8016a59b.html
08-01-2008 12:41 AM
08-01-2008 06:32 AM
Hello,
I would recommend posting new questions as a new discussion. It looks like you are almost there. Check out the following documentation. I think your route-maps need a little work.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml
08-04-2008 12:36 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide