Matt Tehonica wrote:
Im looking for advice on upgrading our small office network. We currently have about 75 employees with probably 125 devices on the network. I'd like to create about 10 vlans for the different departments and then configure intervlan routing as needed. Currently we have all unmanaged switches and it's just a huge broadcast storm on the network. We are upgrading our Cisco 800 router to an ASA5505 sec. Plus license. I need some recommendations on switches. Of course, this needs to be done as cheap as possible.... Is there a way to use the ASA to configure all the vlans and intervlan routing and access lists and use a cheaper switch to provide the access layer to hosts?
Thanks!
Sent from Cisco Technical Support iPad App

I'd buy a 3750X for a "core" switch/router and do the rest with dumber switches like 2960's - purely for throughput.

An ASA5505 is only rated at 150 Mbps throughput, and if you're using it to route betweens everal VLAN's with even moderate traffic flows, you'd run the risk of bottle necking your setup.

A 3750X (or even a 3560X) has masses of throughput to route between VLAN's - just make sure you get at least the IPBASE featureset (not LANBASE) and then use an ASA5505 for your internet link, the 3750 or 3560 as your "core" router/switch, and the 2960's as client access switches.

Cheers.

If your budget is restricted *and* you don't plan to grow that much, I would go with the SmallBusiness 500-series (SG-500X). Of course I would also prefer a 3750-X, but the difference are a couple thousand bucks.

For what do you want to use the VLANs? Just logical segmentation or strict access-control? If you only need segmentation, than implement the VLANs on the switch. If you need very good access-control, then the VLANs have to be terminated on the ASA. But the 5505 will only give you a maximum throughput of 100 Meg. In that case you should take at least a 5512-X.

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

Posting

Like the other posters, I too would recommend a L3 switch for inter-VLAN routing.  To minimize cost, you might use just one core L3 switch with port based VLANs to your existing switches, then you might only need to purchase one LAN device (discounting your ASA).

The latest IOS for 2960s supports limited routing, and a 2960 tends to cost much less than a 3xxx L3 switch.

You might find a few port L3 switch also ideal for your new "core".  If mostly only supporting 100 Mbps, the 8 or 12 port 3560 might be ideal.  (NB: unsure whether those models are still available, if not, or you need gig, maybe the 3560CG [or 2960CG if L3 supported] series.)