Unanswered Question
Apr 4th, 2007

I read somewhere that installing the 26xxXM IOS is doable on some of the 2600 series (2613, 2611). Is this doable? Secondly, I'm redoing some of the equipment in my lab (upgrading 25xx's) and was wondering on the better of the two 26xx series or 3620's.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
desai.jaideep Wed, 04/04/2007 - 05:19


I wont say that.Any IOS which is available on say 2621 will work on 2621XM. The only difference that some IOS with advanced functionality require more memory and is bigger in size. So for that type of IOS you need XM series.

Also the difference between a 26xx and 26xxXM is the memory and processor speed.

Hope I have answered your question.



desai.jaideep Wed, 04/04/2007 - 05:23

Hi there again!

I forgot to give answer to your second question.

Yes, its a very good idea to replace 25xx with 26xx and 36xx because more interfaces and IOS features which are available in bot of these series.

The main thing you should keep in mind that these are modular routers and both require WIC/NMs to start a workable LAB unlike with the 25xx which are fixed config routers.

If you ask me to choose then I would choose 36xx as core router and 26xx as access routers.Also, dont exchange/throw away your 25xx routers.These are still compatible with both 26xx and 36xx by using correct choice of serial cards.



joquendo000 Wed, 04/04/2007 - 05:52

Well, the reason I am replacing them is because the 25xx series IOS is a bit old. I'm studying for the CCIE security exam the and IOS version I need for FW/IDS/etc isn't available to them. As for the WIC's etc, I have knowledge and experience with them so I'm not concerned with them, I have enough routers of all types (3810's, 4500-m's, 2524, 2511, 2501) to do what I need done. I was specifically looking at the 36xx for the IOS functions.

Right now this is my current breakdown at home

2 4500M's (1 w/4port serial & 4port Eth)

2 3620 (1 w/serial wic one with t1 wic)

3 3810's (2 w/FXS ports all w/T1 and DSP modules)

1 2610

1 2521

1 2524 (every WIC available)

3 2501

2 Netscout Switchprobes (one eth, one gigE)

1 Pix 506e

3 Catalyst 1924's

1 Cat 5000

I was going to chuck the 25xx from my lab and either get some 26xx's or more 3620's. Technically I really don't need any more routers at all, but I started doing heavy labs and I wanted to get all my IOS' under one version. Won't work with my current setup.

So question is... the 26xx or 36xx. Which would be the preferred...

desai.jaideep Wed, 04/04/2007 - 09:37


Nice collection there buddy. I am started feeling jealous now.... :-)

I do not have much experiance about CCIE Security, but here are some results of my research.

First of all, you cannot buy more 3620's as they do not support Enterprise/FW/IDS. You need to go in for 3640s.According to the LAB in CCIE Security Exam Certification

Guide by Henry Benjamin (2003) the following is the equipment list.

Cisco Catalyst switch preferable Cat 5000 x 1 or 3550 x 2 (layer 3 with 3550), Cat IOS 5.1 and higher.

Cisco Terminal server example 2511 x 1

Cisco 2620 x 3

Cisco 3640 x 2

Cisco ACS for Windows 2000

Frame relay switch fully meshed example router Cisco 3640 with 12 serial interfaces for 5 to 6 routers.

PIX 520 firewall or any model with inside and outside interfaces and version 5.2 and higher.

Ideally I think 2 3640's acting as Service Providers and 2 26xxXMs as clients would be idle for you.You already have 1 2610 with you.

Moreover there are few equipment specific to CCIE-security missing from your LAB. Maybe u would like to concentrate on them too.

Here is a list of equipment given by Cisco

Cisco 2600 Series Routers

Cisco 3600 Series Routers

Cisco 3700 Series Routers

Cisco Catalyst 3550 Series Switches

Cisco PIX 500 Series Security Appliances

Cisco VPN 3000 Series Concentrators

Cisco IPS Series 4200 intrusion prevention system sensors

Cisco Secure Access Control Server for Windows

Certificate Authority Support

Cisco ASA 5500 Series Adaptive Security Appliances

The VPN Concentrator can be configured using CLI (Command Line Interface) or a GUI web interface. The IDS sensors can be configured using CLI and managed through the IDS Device Manager.

Software Versions

Cisco IOS Software Version 12.2T Enterprise/IPSec/FW/IDS feature set is used on all routers

Cisco PIX Security Appliance OS Software Version 7.x

Cisco Intrusion Detection System Release 5.x

Cisco VPN Client Software for Windows, Release 4.8.x

VPN 3000 Series Concentrator OS, Release 4.7.x

Cisco ASA 5500 Series Adaptive Security Appliances OS Software Version 7.x

Cisco Catalyst 3550 Series Switches run Cisco IOS Software Release 12.2SEE

Cisco Secure ACS for Windows version 4.x

Hope that will help.



joquendo000 Wed, 04/04/2007 - 09:56

Been there done that (books)

Currently within arms distance (physical books not PDF's)

Cisco Press - CCNP BSCI Exam Certification Guide (2004)

Cisco Press - CCSP SECUR Exam Certification Guide

Cisco Press - CCIE Fundamentals Network Design And Case Studies

Cisco Press - CCIE Professional Development Large-Scale IP Network Solutions

Cisco Press - CCIE Professional Development Routing TCP IP Volume I & II

Cisco Press - CCIE Routing and Switching Exam Certification Guide

Cisco Press - CCIE Self Study CCIE Practical Studies Volume II(2003)

Cisco Press - CCIE Professional Development - Advanced IP ...

Cisco Press - CCIE Professional Development - Large-Scale IP ...

Cisco Press - CCIE Self Study CCIE Security Exam Certification

Cisco Press - CCIE Practical Studies Security - Bokotey

Cisco Press - CCIE Security Practice Labs - Yusuf Bhaiji

Cisco Press - CCIE Network Security Principles and Practices - Malik

Been to Cisco's description of what's necessary as well... Thing is, from everything I've and am reading concerning the command line syntaxing, I should be able to get by with say c3620-ik9o3s6-mz.123-21.bin which has FW/IDS. There is nothing I can significantly different about Enterprise and mainline as far as the security portion of it goes. From what I can tell hence the question being asked...

Believe me when I tell you, I know enough about the requirements from the books I have. As for other equipment I would need... This is my work lab:

3 3620's

1 3640

1 2511

2 2501

3 4500's

2 Pix 515's

Cat LS1010

3 Cat 3550's

Mergemaster ISDN simulator

It keeps me deaf most of the day since its 18 inches away from me. I was more curious to know "WHY" 12.2T when I'm using 12.3(21) IP/FW/IDS PLUS IPSEC 3DES BASIC no ATM


This Discussion