10-03-2007 10:03 AM - edited 03-11-2019 04:19 AM
I have (3) sites that currently are using PIX 506's with 2610 routers. I have to budget to replace the PIX's next year, since they went off support unexpectedly this year. The 2610's go off support next year, so I need to replace those also. There are site-site VPN's established. Connectivity is either a T1 or business cable connection. Since I'd like to setup a DMZ, I was looking at the spec's for a ASA5510 and perhaps a 2811 router? I don't anticipate adding additional T1's or significant bandwidth to any of the sites. Sites are < 50 users.
Thanks.
John
10-05-2007 08:39 AM
What about using a router for terminating your T-1 connections and providing firewall/VPN features? Something like an 1841 with VPN AIM card.
1841 Router
http://cisco.com/en/US/products/ps5853/products_data_sheet0900aecd8016a59b.html
VPN AIM Card
http://cisco.com/en/US/products/ps5853/products_data_sheet0900aecd804ff58a.html
You can buy the security bundle wich includes everything you need.
CISCO1841-HSEC/K9 "Cisco 1841 Security Bundle with IOS Advanced IP services, AIM-VPN/BPII-PLUS, 64 MB Flash/256 MB DRAM"
You would still need to buy a WIC-T1-DSU (or something similar) for terminating the T-1.
HTH
10-05-2007 10:08 AM
Had a conversation with our teleco provider this morning. Right now I'm leaning toward having them lease us the routers so that they 'own' any problems up to and including that CPE. The incremental monthly cost isn't that much. So, I guess at this point, it's just a question of which ASA 5500 series model I choose for the (2) locations. Probably a pair of 5510's.
10-05-2007 10:41 AM
Just as an FYI the ASA5505 can handle up to 100MB of VPN traffic, so if you only have a T1 an ASA5510 might be over kill (170MB VPN).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide