Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
424
Views
10
Helpful
8
Replies

Deciding which devices are good choice for vpn

Go to solution
alianengineer1
Level 1
Level 1

‎11-21-2015 11:06 AM

hi every one

i need help in deciding which cisco devices are the better choice for establishing vpn connection between HQ and 14 remote sites in which the remote sites are only connects to the HQ and not connecting to each other and which softwares and licenses are required 

thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP
In response to alianengineer1

‎11-22-2015 10:53 PM

The C881-K9 comes by default with an Advanced Security license. There is an optional Advanced IP license for more routing options. For the 4331, the SEC-Bundle is needed. The options are shown in the Data-sheets I linked in the previous answer.

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Omar El-Mohri
Level 1
Level 1

‎11-21-2015 11:46 AM

What is the bandwidth usage that you need?

Basically an ASA 5505 or 5510 at the HQ K9 if you want AES encryption.

And on the branches only ISR2 something like Cisco 1900 or Cisco 2900 with SEC license.

If you identify what traffic you have and the BW usage needed, I can me more precise.

0 Helpful

Go to solution
alianengineer1
Level 1
Level 1
In response to Omar El-Mohri

‎11-21-2015 07:17 PM

Thanks omar for your reply 

we will use ethernet connection with bandwidth no mor than 8 mbps

thanks

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎11-21-2015 01:37 PM

For scenarios like these I would typically go for IOS routers on both the HQ and the branches. There you can tunnel-interfaces which make implementing VPNs really easy and gives you the flexibility to extend your VPN in the future. The decision which devices to take depend purely on the needed throughput and the type of WAN-interface for the branches (like Ethernet or DSL).

Another possibility which make the VPN-implementation even easier would be the Cisco Meraki MX appliances on both the branches and the HQ.

0 Helpful

Go to solution
alianengineer1
Level 1
Level 1
In response to Karsten Iwen

‎11-21-2015 07:19 PM

Thank you karsten for your reply 

we will use ethernet connection with bandwidth no more than 8 mbps

thanks

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to alianengineer1

‎11-22-2015 01:16 AM

For the branches you could use the c881. For the HQ I would look at one or two of the new 4331. The c800 is much faster than 8 mps, the 4331 is capable of 100 Mbps and can be upgraded to 300 mbps with a license.

For the alternate solution, you could use Meraki MX64 at the branches and MX 84 at the HQ. With that you also have a really good firewall and the possibility to add content inspection.

Go to solution
alianengineer1
Level 1
Level 1
In response to Karsten Iwen

‎11-22-2015 09:09 PM

Iam very glad that you helped me but there is one more thing to ask about

which licensing do i need for c881 and 4331 and which software images , is the default license and image for c881 is good for my work and it says its default so is that mean its free? and what about the 4331 router images and license? thank you alot for your help

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to alianengineer1

‎11-22-2015 10:53 PM

The C881-K9 comes by default with an Advanced Security license. There is an optional Advanced IP license for more routing options. For the 4331, the SEC-Bundle is needed. The options are shown in the Data-sheets I linked in the previous answer.

0 Helpful

Go to solution
Omar El-Mohri
Level 1
Level 1
In response to alianengineer1

‎11-22-2015 10:05 AM

In your case you should consider Karsten's recommendation. You'll have plenty of hardware to support your requirements.

0 Helpful
Customers Also Viewed These Support Documents