cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2019
Views
0
Helpful
2
Replies

Understanding IOS version differences between k9 and sec k9 for cisco 2901? Trying to integrate home network and lab network into one

wintermute520
Level 1
Level 1

My apologies if this is in the wrong community.  I'm studying for the 200-105 exam, passed the 100-105 last month.  I've got a small lab network setup with 3 x 2811s and 3 x 3560s.  I've gotten pretty good with them and enjoy playing around and making up networks.  It's a bit of a nuisance though because it's isolated from my home network so if I want to put some hosts on my lab network I have to unhook my pc and laptop from my home network and hook them up to the lab network.  My lab network's ethernet ports are all 10/100s.  My home network has an old sonicwall firewall that has a couple gigabit ports and some 10/100 ports and then I've got an unmanaged 8-port gigabit switch hooked into a gigabit port and a wifi router hooked into the gigabit switch.  The sonicwall is just kinda passive, it doesn't have any active security subscriptions so it's not doing a whole lot right now.  

 

A friend of mine is selling me a netgear ready nas 4-bay rack mount nas that has two gigabit ports and an 24-port HP gigabit rack mount switch to expand my home network.  I had the thought of either replacing the sonicwall with a refurbished 2901 or putting a 2901 behind the sonicwall to run my network.  I'm pretty sure I can configure the 2901 properly.

 

My question is this, what I'm finding is mostly 2901s that say they've got k9 or k9 sec.  I did some googling and found other topics on this board where people were referred to the feature comparison tool but I didn't know enough information to properly fill it out to get any information.  I picked some #s that looked familiar and got some results but I had a hard time interpreting what all the features were.  I don't need a line by line analysis but can someone please break down the major differences in features between them please?  I think the k9 sec had vpn features it looked like but I couldn't figure out much else.  

 

Is there really any point to this?  I'd really like to replace the sonicwall with a 2901 but I'm not sure if I know enough about IOS yet to properly configure the 2901 in such a way.  Would there really be a point to putting the 2901 behind the sonicwall and using that as the heart of my conjoined network?  It seems like a fun project but I don't want to get in over my head.

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame

@wintermute520 wrote:

k9 or k9 sec


"k9" or "k9 sec" mean the same thing:  The IOS supports crypto.  

In this day-and-age of people trying to hack into your system, allowing SSH and disabling telnet is a recommended best practice.

View solution in original post

2 Replies 2

Leo Laohoo
Hall of Fame
Hall of Fame

@wintermute520 wrote:

k9 or k9 sec


"k9" or "k9 sec" mean the same thing:  The IOS supports crypto.  

In this day-and-age of people trying to hack into your system, allowing SSH and disabling telnet is a recommended best practice.

So on my 2811s that I have in my lab I have advipservices running.  What's going to be the difference between the advipservices vs what I guess is just ipbase w/ crypto on the 2901s?

 

I was looking on the feature navigator (https://cfn.cloudapps.cisco.com/ITDIT/CFN/jsp/compareImages.jsp) and put in a 15.1M and got a whole bunch of features but I don't really know what all those features are lol...  I'm guessing ipbase will be fine for what I want to do with it?  I saw a bunch of VoIP features I won't be needing anytime soon.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco