
The Right System for SMB Network

marcos
Level 1

Hi,

we're founding a small consultancy business and therefore I need to set up a network.

I have basic knowledge and experience with Cisco IOS for routers and Catalyst switches, as I set up and managed T1, DSL, dial-up, firewall and LAN connections with Cisco systems ranging from the 800 to the 3600 series. But this was 8 years ago.

Being computer scientists and IT specialists, we want to manage the network ourselves.

The following diagram gives a brief overview of the network topology and services.

OG-Network-Topology.gif

The main idea is to subdivide the hosts into one server LAN and one or more user LANs. For the moment all networks are going to be wired networks.

Basically I need assistance in selecting the right router system. It should be affordable for a small business.

I think a 892 router would do a great job, if

  1. it supports the PPPoE client protocol on the FE WAN Link
  2. it can negotiate network configuration from PPPoE and setup the default gateways dynamically while preserving the static routing configuration for local subnets
  3. the GE WAN interface can be used as LAN link to the servers' LAN
  4. it can do NAT between the ADSL WAN Link interface and the workers' LAN interface
  5. it can do port forwarding (PAT) between the FE WAN (ADSL) interface and the LAN interface to the servers' LAN (cf. 3)
  6. it can perform filtering (ACL) and perhaps stateful packet inspection on connections to the servers' LAN
  7. it can perform content filtering on the interface to the workers' LAN interface
  8. the ISDN BRI interface can be used for inbound and outbound PPP connections

It would be nice if experts could give answers to those questions.

In my scenario the interfaces would connect according to the following list:

FE LAN -> Workers' LAN

#1 GE WAN -> Servers' LAN

#2 FE WAN -> ADSL PPPoE Internet Connection

At the beginning I would want to use the 892 router's internal switch and later upgrade with a gigabit switch.

I'm not sure how to deal with the periodic connection reset done by the ISP. Specialists at the ISP company said the IP/PPPoE connection is interrupted by their systems every 24h and can immediately be (re-)established by our systems by simply reconnecting to them. Maybe somebody can share their experience with similar scenarios, especially with busy WAN connections.

The ISP specialists also mentioned that their CPE router can be configured in bridge mode or can be totally substituted by one of our router systems. I think I would need an ADSL over ISDN (Euro) WAN interface, which afaik in the 800 Series routers isn't manufactured along with 2 G-/F-E interfaces.

The 892 routers include one ISDN BRI interface, which I would like to use for inbound PPP connections without having a RADIUS or LDAP service. I think it can be done with basic AAA directly on the router. Is that right?

I'm looking forward to getting some feedback from you.

Thanks in advance.

Kind Regards,

Marcos Otero Garcia

3 Replies

Collin Clark
VIP Alumni

Hi Marcos-

In response to your questions-

  1. it supports the PPPoE client protocol on the FE WAN Link: Yes it can
  2. it can negotiate network configuration from PPPoE and setup the default gateways dynamically while preserving the static routing configuration for local subnets: Yes it can
  3. the GE WAN interface can be used as LAN link to the servers' LAN: Yes it can
  4. it can do NAT between the ADSL WAN Link interface and the workers' LAN interface: Yes it can
  5. it can do port forwarding (PAT) between the FE WAN (ADSL) interface and the LAN interface to the servers' LAN (cf. 3): Yes it can
  6. it can perform filtering (ACL) and perhaps stateful packet inspection on connections to the servers' LAN: Yes it can (requires Adv Security IOS)
  7. it can perform content filtering on the interface to the workers' LAN interface: It cannot do this
  8. the ISDN BRI interface can be used for inbound and outbound PPP connections: Yes it can

Your ISP clearing your connection is a bit strange. If they use DHCP it shouldn't be too big of a problem as the router will automatically try and get another one. I would place the DSL modem into bridge mode, it makes troubleshooting easier. I don't have any experience with ADSL over ISDN so I'm afraid I can't help you there. You can 'emulate' AAA on the router by using the local database.

Hope the above info helps.
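The setup discussed in this reply, as an added IOS configuration example that is not part of the original thread: PPPoE client on the FE WAN port with a dynamically learned default route, NAT for both LANs, one port forward to the servers' LAN, a default-deny inbound ACL with stateful inspection (which needs the security feature set mentioned above), and the local user database for PPP dial-in. The interface names, addresses, ACL and user names and the forwarded port are assumptions; values in angle brackets are placeholders.

```cisco
! Constructed example: addresses, names, the forwarded port and the 892
! interface names (FastEthernet8, GigabitEthernet0, Vlan1) are assumptions.
aaa new-model
aaa authentication login default local
aaa authentication ppp default local
! Local user for ISDN dial-in; CHAP needs "password", not "secret"
username dialin1 password <DIALIN-PASSWORD>
ip inspect name FW tcp
ip inspect name FW udp
!
interface FastEthernet8
 description FE WAN to ADSL modem in bridge mode
 no ip address
 pppoe enable group global
 pppoe-client dial-pool-number 1
!
interface Dialer1
 description PPPoE session to ISP
 ip address negotiated
 ip mtu 1492
 ip tcp adjust-mss 1452
 ip nat outside
 ip access-group WAN-IN in
 ip inspect FW out
 encapsulation ppp
 dialer pool 1
 dialer persistent
 ppp chap hostname <ISP-LOGIN>
 ppp chap password <ISP-PASSWORD>
 ppp ipcp route default
!
interface GigabitEthernet0
 description Servers' LAN
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
!
interface Vlan1
 description Workers' LAN on the built-in switch ports
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
!
ip nat inside source list NAT-INSIDE interface Dialer1 overload
ip nat inside source static tcp 192.168.10.10 443 interface Dialer1 443
ip access-list standard NAT-INSIDE
 permit 192.168.10.0 0.0.0.255
 permit 192.168.20.0 0.0.0.255
ip access-list extended WAN-IN
 permit tcp any any eq 443
 deny ip any any log
```

After the ISP's daily disconnect, `show pppoe session` and `show ip nat translations` confirm that the session came back up and that translations are being rebuilt.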

Dear Collin,

thank you for responding quickly to my issue.

If the ISP uses DHCP, I suppose they simply set the lease time to 24h. I'm going to investigate this.

The content filtering feature is mentioned in the 892's data sheet. Maybe it's included in the firewall feature set. I'm going to investigate this too.

For the moment this issue can be closed.

Thank you very much.

Kind Regards,

Marcos Otero Garcia

Hey Collin,

Very nice answer my friend! Worth at least +5 from Calgary.

Cheers!

Huff