07-08-2011 11:07 AM - edited 03-07-2019 01:08 AM
Hello everyone,
The company I am working for is a small business, but we have about 4-5 sites that are all VPN'd to a central site. The attached image file is a crude depiction of our network topology.
The goal of our network is to be able to have every site to be able to talk to every other site (including RA VPN Clients), and we are able to achieve this currently through L2L Tunnels. However, we are encountering DNS issues on clients where Windows will ignore the Primary DNS Server (the Windows Small Business Server at the core site), and continuously use the Secondary DNS Server. There are no connectivity problems to the DNS Server.
What we'd like to do is shift away from using the ASA5505s, which are fairly dedicated devices, and use Cisco Integrated Service Routers instead, which will be able to perform services such as DNS and other services without us having to deploy servers at each remote site. We want DNS Setup as follows:
Remote Site-
Primary DNS Server: 192.168.100.1 (IOS Router) >> Forward to the Core DNS Server >> Forward to OpenDNS
>> Forward to OpenDNS
Right now we plan on keeping the ASA5505 Sec+ at the core, but we are open to the idea of switching to a Cisco ISR in the future due to the benefits of modularity which will be an issue in the future if we keep the ASA.
My boss (he's network savvy) told me to show him how I would set up the network from a clean slate.
I was thinking about Cisco 2800 series for the core router, but I am not sure what the best option for remote sites would be.
Anyways.. What Cisco ISRs would you guys recommend for our remote and core site(s)? Each remote site has between 1-10 users, however our company is growing at a fast pace, so we want to account for growth.
Thanks in advance for all of your help.
07-08-2011 11:36 PM
IMHO, I think the 890 should be sufficient for your 50/10Mbps 10 users remote site.
Now you could always replace the core router first, then get one 890 and do some tests. (or even the 880 you have. just keep in mind the 890 has twice the routing capability as the 880)
07-08-2011 02:04 PM
I'd recommend the 2900 series for the core. The 2800 are End Of Life AFAIK.
For the remote sites, what kind of bandwidth do they run? When you say growth, is that 20 or more like 100? (OTOH the cost of a new router is gonna be negligible compared to the price of 90 new employees ...)
If the access are like 50 Mbps or less, you could probably keep the 870 you have for now and use 880/890 (G2 series) at the other sites.
07-08-2011 10:03 PM
Thanks for the recommendation on the core! Will look into that.
All of our static sites use Comcast Business Internet, so up to 50Mbps down, 10Mbps up. The dynamic sites (the 870 routers) use a variety of Internet Services since we use those routers for mobile job sites. Right now we are just looking to possibly replace the ASAs at the Remote Sites with IOS Routers.
I think I might have overemphasized our growth a bit, we are incorporating additional sites into the network at a steady pace, but I'd say on a typical day the network as a whole has about 10 users max. I don't foresee our number of users doubling in the next year either. We might have about 2-4 Remote Access VPN users at a time as well.
We currently have an 881 Router on the shelf, but it was replaced by an ASA before I came into the project. It was configured with Ezvpn, and was deemed horribly unreliable. A L2L Tunnel between 881 & ASA should be reliable, no? I imagine a 1900 router would be overkill for <10 users?
Thanks!!
07-08-2011 11:11 PM
The 2800 series router is not yet End-of-Sale/End-of-Life.
Look at the link below and be aware that the values under "Fast/CEF Switching" Mbps are expressed in HALF duplex and un-encrypted traffic.
07-08-2011 11:26 PM
This is the EOL announcement:
http://www.cisco.com/en/US/prod/collateral/routers/ps5854/eol_c51-631228.html
They're not End of Sale yet, but they are announced as End of Life.
07-08-2011 11:28 PM
Thanks for pointing this link out Sylvain.
Hmmmm ... I can't rate your post. Where did it go???
07-09-2011 12:32 AM
Thanks for the advice. I think I'll test out the 881 on the shelf first and see how things go.. I think it must have just been configured improperly before, the 881 seems like a robust router.