Small Remote Office setup

Answered Question
Mar 16th, 2010

All,

I am setting up a remote office, (basically an office with one or two people there), but i need to find out what equipment i need to get...Here are the ojectives...

1. Setup a LAN2LAN IPSEC vpn to the main site.

2. 8 computers (at the maximum)

Should i just get a T-1 line, along with an ASA 5505 and setup the VPN and L2L to the main site?

I should be able to use the T-1 straight to the ASA 5505 rather then getting a router, and a ASA5505...is that correct?

I have this problem too.
0 votes
Correct Answer by Reza Sharifi about 6 years 8 months ago

Yes, for just 8 users, you should be fine using a small device.

Make sure you buy the right license for the IOS to do VPN.

Good Luck

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Reza Sharifi Tue, 03/16/2010 - 10:20

Hi,

You can not bring a T1 line directly to the ASA. ASA has only Ethernet ports.  You need a smal router with 8 port switch module to terminate the T1 and also to connect your end users.

HTH

Reza

cisco_himg Tue, 03/16/2010 - 10:31

That thought actually crossed my mind. Thank you for confirming it.

What would be a good small router to get for a T-1 line?

Could i get a small router, with 1- TS1-DSU port and one fast ethernet port, then connect to the ASA?, or a router with VPN capabilities already built in?

this is going to be a cost sensitive connection so i dont want to spend to much...

Reza Sharifi Tue, 03/16/2010 - 10:37

If you don't want to spend much then you can get 2811 ot 2821 router with an 8 port switch module (HWIC-D-9ESW).  This way you are using one device for both routing and switcing.  You would also need a WIC to terminate your T1. You can also use this box for VPN.

HTH

Reza

cisco_himg Tue, 03/16/2010 - 10:40

what about a 1941 ISR router? Have you looked at those? Any difference between 2811 and the 1941?

Reza Sharifi Tue, 03/16/2010 - 10:46

I have never used 1941 but I am using a 2800, 3800 and 3900.  1900, 2900 and 3900 are the new G2 devices.

cisco_himg Tue, 03/16/2010 - 11:10

Cool, thanks...

It looks like if i get a 1941, with a T-1 DSU, then maybe just get a unmanaged switch to connect to the fastethernet port will do the trick. This site doesnt have to be supercomplicated and managed, but it atleast needs to have IPSEC VPN connecticity.

I guess i can setup DHCP on the router, and let it hand out IP address to the unmanaged switch and the other devices on the network....

does that sound ok?

Correct Answer
Reza Sharifi Tue, 03/16/2010 - 11:18

Yes, for just 8 users, you should be fine using a small device.

Make sure you buy the right license for the IOS to do VPN.

Good Luck

cisco_himg Tue, 03/16/2010 - 12:47

I have one more scenerio for ya...

Lets say i didnt want to get a T-1....so basically just scrap the idea i have in my previous posts...

Could I get a DSL line with a Dedicated IP address? then i could implement the ASA 5505 then maybe a Voip adapter on the other side of the Firewall..?

The reason I ask is becuase they wont need much bandwidth at all, just the VPN L2L ipsec is imperative to have...

cisco_himg Wed, 03/17/2010 - 06:48

If I were to get a 8MG DSL connection with a static IP address...could i put the ASA 5505 behind the DSL modem, and then add a voip adapter behind the ASA ?

Reza Sharifi Wed, 03/17/2010 - 06:55

I don't understand what you mean by voip adapter.  The ASA only takes Ethernet ports. You can not connect any type of voice port or serial port to it. If T1 is too much bandwidth you can you use sub-rate T1 (512kb).  I don't think the price if a full T1 is very high these days.

Reza

cisco_himg Wed, 03/17/2010 - 07:05

no problem...

Here is what i need..(i know its hard understanding without actually hearing me)...

1. A good speed DSL line

2. Static IP

3. Voip for 3 phones

4.The ability to created a LAN2LAN ipsec tunnel

Can you tell me what I need and how I would connect them?

Actions

This Discussion