Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
404
Views
0
Helpful
2
Replies

IOS Packaging Versions

Kevin Brennan
Level 1
Level 1

‎07-09-2008 06:47 AM - edited ‎03-03-2019 10:39 PM

Hi All,

I have 2 remote sites with 2801 and ADSL WICs installed.

fa 0/0 on the 2801's is connected to a 2Mb Point-to-Point circuit back to the main site. (Presented as ethernet at both ends). fa 0/1 goes the the LAN. I'm running EIGRP on this network.

The ADSL WICs provide internet access to the sites with local providers.

I'd like to setup a site-to-site VPN tunell back to my main site in the case of the 2Mb circuits failing. At the moment if the circuit fails, the users launch the VPN client software from their individual PC's, this is far from ideal!

My VPN concentrator at the main site is a Checkpoint NGX R65, but I'll be changing this to a Cisco ASA at some point this year.

My problem is that I dont think I have the correct IOS on the 2801's to let them operate as a VPN client. The IOS on them is C2801-SPSERVICESK9-M.

I think I need Advanced Security at a minimum - Cisco part number CD28N-ASK9?

Am I correct?

Thank you in advance.

Kevin

Labels:
0 Helpful
2 Replies 2

tdrais
Level 7
Level 7

‎07-09-2008 07:20 AM

Depends why you are running the SP version of the IOS. There are a number of features mostly voice and BGP that are in SP that are not in the advanced security. You would need ADVANCED IP SERVICES if you want everything in both versions.

If you plan to run EIGRP over this VPN you will need to wait until you get the ASA since I don't think checkpoint supports EIGRP... Even the ASA support of EIGRP has not been around all that long.

0 Helpful

Kevin Brennan
Level 1
Level 1
In response to tdrais

‎07-09-2008 07:46 AM

Hi tdrais,

Thank you for the reply.

I'm running the SP IOS as that is what came with the bundle (2801 + WIC ADSL)

I dont need any voice or BGP functionality.

you are correct, Checkpoint does not support EIGRP, but I would set a static route with a higher cost to go over the VPN tunnel if required.

Given the above, would the Advanced Security IOS do the job? (It must support the WIC-ADSL though).

What might you recommend to achieve what I'm looking for?

Thanks

Kevin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card