Solved: Need help replacing a 2821 - Page 2

Eric Daoust · ‎04-02-2013

I am currently running a 2821 to terminate vpn links from all our branch offices over a WAN. I need to add a second interface in order to facilitate a move to a different WAN provider. seeing as the 2800 models are EOL I was looking for an upgrade. My local retailer wants to sell me the following:

CISCO3925E-SEC/K9 IS Router 3925E security bundle

SEC license pack

HWIC-2T 2 port serial WAN card

MEM-3900-1GU2GB Upgrade to 2GB 1

PWR-3900-AC/2 AC power supply secondary 1

now my question is why can't i use the 2900 models in order to save some money?

All I need is a router that will accept 2 different incoming WANs and the ability to create vpn tunnels over them.. So i defer to the experts to see if you guys can enlighten me a little and hopefully save me some money.

Thanks

P.S if you coudl include part # that woudl be great.

paolo bevilacqua · ‎04-02-2013

Sory, misunderstood the ethernet thing.

You will be fine with a secury bundle router then, and nothing else. You wanted to know about the high perfomance security license, here it is:

The HSEC-K9 license removes the curtailment enforced by the U.S. government export restrictions on the encrypted tunnel count and encrypted throughput. HSEC-K9 is available only on the Cisco 2921, Cisco 2951, Cisco 3925, Cisco 3945, Cisco 3925E, and Cisco 3945E. With the HSEC-K9 license, the ISR G2 router can go over the curtailment limit of 225 tunnels maximum for IP Security (IPsec) and encrypted throughput of 85-Mbps unidirectional traffic in or out of the ISR G2 router, with a bidirectional total of 170 Mbps.

Eric Daoust · ‎04-02-2013

As i was thinking, this will do:

CISCO2921-SEC/K9 IS Router 2921 bundle

SEC license pack <-- as i don't need faster that 170Mbps bi-directional and have less that 255 tunnels

But i still need the extra port for the second Temp WAN (copper ethernet)

and from the 2900 product description it seems it comes with 3?

Integrated Gigabit Ethernet Ports

• All onboard WAN ports are 10/100/1000 Gigabit Ethernet WAN routed ports.

• One of the three 10/100/1000 Ethernet WAN ports on the Cisco 2921 and 2951 supports Small Form-Factor Pluggable (SFP)-based connectivity in lieu of a RJ-45 port and enabling fiber connectivity.

So i would not need to purchase an extra one?

But if i did this one would do?

Cisco Gigabit Ethernet EHWIC-1GE-SFP-CU

paolo bevilacqua · ‎04-02-2013

Router has three interfaces, after that you can use a switch. So as mentioned before already, you do not need anything else.

Thank you for the nice rating and good luck!

Eric Daoust · ‎04-02-2013

You've been very helpful paolo and saved me time and money.. thanks to everyone i appreciate it

Joseph W. Doherty · ‎04-02-2013

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

So will this support what i need?

Don't know as it's not totally clear what you are doing now and what you might need.

Like Paolo, I think it very doubtful you'll need the memory upgrade.

You're rep probably now mentioned the 2921 as that's the logical successor for the 2821. However, newer ISRs are faster then earlier models, so for the same performance, a "smaller" ISR might be fine.

As one of your later postings mentions Ethernet handoffs, how much aggregate traffic do you need to deal with? The document Paolo provided will help you to select the "right" size router. BTW, the recommendations pretty much assume almost every feature with traffic running at 100% of the noted bandwidth; i.e. worst case. If you size for "average" bandwidth loading, you might find you can size down a model or two from "maximum" bandwidth loading. How safe it's doing this depends on how much average diverges from peak and whether slow down during peak is acceptable.