Solved: Understanding IOS version differences between k9 and sec k9 for cisco 2901? Trying to integrate hom...

wintermute520 · ‎03-16-2019

My apologies if this is in the wrong community. I'm studying for the 200-105 exam, passed the 100-105 last month. I've got a small lab network setup with 3 x 2811s and 3 x 3560s. I've gotten pretty good with them and enjoy playing around and making up networks. It's a bit of a nuisance though because it's isolated from my home network so if I want to put some hosts on my lab network I have to unhook my pc and laptop from my home network and hook them up to the lab network. My lab network's ethernet ports are all 10/100s. My home network has an old sonicwall firewall that has a couple gigabit ports and some 10/100 ports and then I've got an unmanaged 8-port gigabit switch hooked into a gigabit port and a wifi router hooked into the gigabit switch. The sonicwall is just kinda passive, it doesn't have any active security subscriptions so it's not doing a whole lot right now.

A friend of mine is selling me a netgear ready nas 4-bay rack mount nas that has two gigabit ports and an 24-port HP gigabit rack mount switch to expand my home network. I had the thought of either replacing the sonicwall with a refurbished 2901 or putting a 2901 behind the sonicwall to run my network. I'm pretty sure I can configure the 2901 properly.

My question is this, what I'm finding is mostly 2901s that say they've got k9 or k9 sec. I did some googling and found other topics on this board where people were referred to the feature comparison tool but I didn't know enough information to properly fill it out to get any information. I picked some #s that looked familiar and got some results but I had a hard time interpreting what all the features were. I don't need a line by line analysis but can someone please break down the major differences in features between them please? I think the k9 sec had vpn features it looked like but I couldn't figure out much else.

Is there really any point to this? I'd really like to replace the sonicwall with a 2901 but I'm not sure if I know enough about IOS yet to properly configure the 2901 in such a way. Would there really be a point to putting the 2901 behind the sonicwall and using that as the heart of my conjoined network? It seems like a fun project but I don't want to get in over my head.

Leo Laohoo · ‎03-16-2019

@wintermute520 wrote:

k9 or k9 sec

"k9" or "k9 sec" mean the same thing: The IOS supports crypto.

In this day-and-age of people trying to hack into your system, allowing SSH and disabling telnet is a recommended best practice.

View solution in original post

Leo Laohoo · ‎03-16-2019

@wintermute520 wrote:

k9 or k9 sec

"k9" or "k9 sec" mean the same thing: The IOS supports crypto.

In this day-and-age of people trying to hack into your system, allowing SSH and disabling telnet is a recommended best practice.

wintermute520 · ‎03-17-2019

So on my 2811s that I have in my lab I have advipservices running. What's going to be the difference between the advipservices vs what I guess is just ipbase w/ crypto on the 2901s?

I was looking on the feature navigator (https://cfn.cloudapps.cisco.com/ITDIT/CFN/jsp/compareImages.jsp) and put in a 15.1M and got a whole bunch of features but I don't really know what all those features are lol... I'm guessing ipbase will be fine for what I want to do with it? I saw a bunch of VoIP features I won't be needing anytime soon.

Understanding IOS version differences between k9 and sec k9 for cisco 2901? Trying to integrate home network and lab network into one