05-26-2011 04:40 AM - edited 03-04-2019 12:32 PM
Hello Guys,
Urgent one for you. I have a requirement for a internet connection along with a customer. I have ordered a 50Mb connection and the ISP is providing a /28 or /29 for use.. Im going to require the use of a ptp VPN tunnel using a cisco RV082. I need to split off 10Mb for a customer who will also need to create a PTP VPN connection.
Please can you indicate how I can achieve this? Do I need to place another switch before my RV082 and have the customer buy their own device to manage the VPN or can we somehow utilise the same device and split of the connection from an inside switch?
Thanks in advance!
05-31-2011 11:10 AM
Hello Guys,
Not sure why no responses to this one. Maybe in the wrong place?
To reiterate..
I have a datacenter ISP connection coming into my network shortly. (No internet connectivity at the moment)
50Mb coming via a colocated ISP
The ISP have given me a /27 to use (public addressess)
The requirements are as follows:
1: 30Mb for my environment
2: 10Mb for customer 1
3: 10Mb for customer 2
4: All 3 connections will require seperate IPsec VPN connectivity
5: They will be hitting the same switch behind the firewall. I will then use vlans to seperate the various connections on the internal network.
Im looking at using an cisco/linksys RV082 firewall/router however not sure if if can be used as above.
anyone have ideas on how this can be achieved in the most cost effective way? I also dont want to lose ports on the internal switch to seperate connections.
Ideally this is what I would like: Please see diagram.
I can then use the c3750 switch at the bottom to rate limit right?
What cisco hardware would support this type of scenario..
Im happy to take expert advise and change if required..
please let me know if in the wrong place here.
thanks in advance
05-31-2011 11:29 AM
I'm not familiar with the RV082 but in general you should police the traffic as close to the source as possible.
If you choose a centralized location such as the WAN router, then you will have to police based on ACL from the source.
BTW, QoS Policing is the feature you are after in order to limit the traffic to the bandwidth highlighted in your requirements.
Another piece of information is that you can't police outbound on a 3750 switch. You can only police inbound.
I'm not sure if the RV082 supports it but you can create subinterfaces facing the 3750 switch and each subinterface would have a service-policy with the limit set inbound from each customer. The 3750 switch would be configured as trunk facing the RV082.
Regards,
Edison
06-01-2011 04:27 AM
Thanks Edison.
The RV082 doesnt support subinterfaces. Im going to have to go to a bigger piece of kit like the following I think :
cisco 1805 integrated services router from looking at the product advisor..
1: Is the diagram attached in my post the correct topology for what im trying to achieve?
2: Will I be able to use c1805 for the purpose? (it will be connected to one port on the LAN c3750 switch.)
Edit: Looking at the specs I would like to go with a Dynamic c1841. It supports The cisco gig HWIC so I can connect to the c3750 gig port... What you think ?
again any help guidance will is appreciated. I need to make a decision today for purchasing..
06-01-2011 01:31 PM
Cisco Router 1841 won't provide 50Mbps even if the access port is 100Mbps.
You need at least a 2811 but either router is facing EOL soon. I suggest going with ISR G2 models - 1941 can do 150Mbps.
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide