VPN Solution??

Unanswered Question
Oct 13th, 2009

I need a VPN solution for multiple situatjions. Background: Simple LAN with unmanaged switches with single server 2008 running inventory application with about 20 users. I need to get a VPN solution to allow 2 things:

1) Allow telecommuters to connect and operate as on LAN.

2) A rented warehouse needs to connect on a "permanent" connection to access inventory.

I will need this to be scalable for growth as we are growing fast.

Any suggestions?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
rhenarie2 Wed, 10/14/2009 - 15:43

(I am so confused! - So many choices! - So many questions!!) What about the Cisco871-W-G-A-K9? What makes one better than the other?

Would you recommend the 5505 over the 5510 for my situation?

If I go with the 5505, is there a particular configuration or are there some upgrades that you would recommend (or are there any)?

Is there a device that I should use in conjunction with either of these (5505/5510) for the warehouse?

Collin Clark Thu, 10/15/2009 - 05:44

The 871 will work too. Since it's a lower end router, the VPN will consume more resources. The ASA is a dedicated firewall and VPN device. The router does have come features that the ASA doesn't.

if you go with the 5505, there are a couple of licensing options; a 10 user license, and 50 user license, and an unlimited user license. You can also purchase the Security Plus license which will give you a couple of more features.

The warehouse can have an 5505 or an 871. I personally would keep them the same for the reasons in the first paragraph.

I'm sure all I did was create more questions for you. I'm happy to answer them, but it may be more beneficial for you to contact your local Cisco office. They have dedicated people to come and talk to you, learn your environment and the variables, and then come up with a design and product selection (for free).

rhenarie2 Mon, 10/19/2009 - 17:55

Sorry it took so long to reply, I went out of town. Anyhow... Yes, you did create more questions, but not too bad. If you are talking no more that 10-15 people, and on a semi-tight budget, would the 871 be a better selection? Which is more of a "Turn Key" solution and easier to maintain/administer?

Collin Clark Tue, 10/20/2009 - 05:18

I took a look at the list pricing for each with maintenance and they are close enough to each other that the pricing should not be a factor. IMO the ASA5505 will be easier for you to manage since it has a GUI. The router does have one but it is not as evolved as the one for the ASA (called ASDM and comes free with the ASA).

rhenarie2 Tue, 10/20/2009 - 18:38

Okay - Maybe one last question then - On the ASA, what would the part number for a VPN with Firewall solution? I see so many different options/configurations/part#'s that, if I spend too much time - I get a hangover. I have looked at the "Small Business Product Guide" and see a few choices, but don't want to over/under purchase. If I need +/- 10 users to connect either IPSec or SSL and would like the Anti-Virus and Firewall options, what would be the part number - or is this configuration not available?

Collin Clark Wed, 10/21/2009 - 05:49

The data sheets are a bit misleading. There really is one firewall, they just call them different additions (because of licensing). Introducing the AV option requires the ASA5510.

Here's the part number for the physical firewall and the Content Services module:

ASA5510-CSC10-K9

ASA 5510 Appl w/ CSC10, SW, 50 Usr AV/Spy, 1 YR Subscript

Maintenance on the ASA:

CON-SNT-AS1C10K9

SMARTNET 8X5XNBD ASA 5510 Appl w/ CSC10,SW,50 Usr AV/Sp

SSLVPN User Licensing (comes with 2 free):

ASA5500-SSL-10=

ASA 5500 SSL VPN 10 Premium User License

ASA5500-SSL-25

ASA 5500 SSL VPN 25 Premium User License

You'll need to decide what features you want at the remote site. If they are the same, then x2 the above.

rob.huffman Sun, 10/25/2009 - 06:48

Hi Collin,

Really great help here! +5 points for your superb follow-up and excellent info.

Cheers!

Rob

rhenarie2 Sat, 11/14/2009 - 20:40

Collin,

Thanks for your patience and help. I am going to try the 5505. I will let you know how it works for me.

Actions

This Discussion