Small Remote Office setup

Answered Question
Mar 16th, 2010
User Badges:

All,


I am setting up a remote office, (basically an office with one or two people there), but i need to find out what equipment i need to get...Here are the ojectives...


1. Setup a LAN2LAN IPSEC vpn to the main site.

2. 8 computers (at the maximum)



Should i just get a T-1 line, along with an ASA 5505 and setup the VPN and L2L to the main site?


I should be able to use the T-1 straight to the ASA 5505 rather then getting a router, and a ASA5505...is that correct?

Correct Answer by Reza Sharifi about 7 years 1 week ago

Yes, for just 8 users, you should be fine using a small device.

Make sure you buy the right license for the IOS to do VPN.

Good Luck

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Reza Sharifi Tue, 03/16/2010 - 10:20
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi,


You can not bring a T1 line directly to the ASA. ASA has only Ethernet ports.  You need a smal router with 8 port switch module to terminate the T1 and also to connect your end users.


HTH

Reza

cisco_himg Tue, 03/16/2010 - 10:31
User Badges:

That thought actually crossed my mind. Thank you for confirming it.


What would be a good small router to get for a T-1 line?


Could i get a small router, with 1- TS1-DSU port and one fast ethernet port, then connect to the ASA?, or a router with VPN capabilities already built in?


this is going to be a cost sensitive connection so i dont want to spend to much...

Reza Sharifi Tue, 03/16/2010 - 10:37
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

If you don't want to spend much then you can get 2811 ot 2821 router with an 8 port switch module (HWIC-D-9ESW).  This way you are using one device for both routing and switcing.  You would also need a WIC to terminate your T1. You can also use this box for VPN.


HTH

Reza

cisco_himg Tue, 03/16/2010 - 10:40
User Badges:

what about a 1941 ISR router? Have you looked at those? Any difference between 2811 and the 1941?

Reza Sharifi Tue, 03/16/2010 - 10:46
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

I have never used 1941 but I am using a 2800, 3800 and 3900.  1900, 2900 and 3900 are the new G2 devices.

cisco_himg Tue, 03/16/2010 - 11:10
User Badges:

Cool, thanks...


It looks like if i get a 1941, with a T-1 DSU, then maybe just get a unmanaged switch to connect to the fastethernet port will do the trick. This site doesnt have to be supercomplicated and managed, but it atleast needs to have IPSEC VPN connecticity.



I guess i can setup DHCP on the router, and let it hand out IP address to the unmanaged switch and the other devices on the network....




does that sound ok?

Correct Answer
Reza Sharifi Tue, 03/16/2010 - 11:18
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Yes, for just 8 users, you should be fine using a small device.

Make sure you buy the right license for the IOS to do VPN.

Good Luck

cisco_himg Tue, 03/16/2010 - 12:47
User Badges:

I have one more scenerio for ya...


Lets say i didnt want to get a T-1....so basically just scrap the idea i have in my previous posts...




Could I get a DSL line with a Dedicated IP address? then i could implement the ASA 5505 then maybe a Voip adapter on the other side of the Firewall..?



The reason I ask is becuase they wont need much bandwidth at all, just the VPN L2L ipsec is imperative to have...

cisco_himg Wed, 03/17/2010 - 06:48
User Badges:

If I were to get a 8MG DSL connection with a static IP address...could i put the ASA 5505 behind the DSL modem, and then add a voip adapter behind the ASA ?

Reza Sharifi Wed, 03/17/2010 - 06:55
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

I don't understand what you mean by voip adapter.  The ASA only takes Ethernet ports. You can not connect any type of voice port or serial port to it. If T1 is too much bandwidth you can you use sub-rate T1 (512kb).  I don't think the price if a full T1 is very high these days.


Reza

cisco_himg Wed, 03/17/2010 - 07:05
User Badges:

no problem...


Here is what i need..(i know its hard understanding without actually hearing me)...


1. A good speed DSL line

2. Static IP

3. Voip for 3 phones

4.The ability to created a LAN2LAN ipsec tunnel


Can you tell me what I need and how I would connect them?

Actions

This Discussion