cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1750
Views
0
Helpful
12
Replies

Small Remote Office setup

cisco_himg
Level 1
Level 1

All,

I am setting up a remote office, (basically an office with one or two people there), but i need to find out what equipment i need to get...Here are the ojectives...

1. Setup a LAN2LAN IPSEC vpn to the main site.

2. 8 computers (at the maximum)

Should i just get a T-1 line, along with an ASA 5505 and setup the VPN and L2L to the main site?

I should be able to use the T-1 straight to the ASA 5505 rather then getting a router, and a ASA5505...is that correct?

1 Accepted Solution

Accepted Solutions

Yes, for just 8 users, you should be fine using a small device.

Make sure you buy the right license for the IOS to do VPN.

Good Luck

View solution in original post

12 Replies 12

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

You can not bring a T1 line directly to the ASA. ASA has only Ethernet ports.  You need a smal router with 8 port switch module to terminate the T1 and also to connect your end users.

HTH

Reza

That thought actually crossed my mind. Thank you for confirming it.

What would be a good small router to get for a T-1 line?

Could i get a small router, with 1- TS1-DSU port and one fast ethernet port, then connect to the ASA?, or a router with VPN capabilities already built in?

this is going to be a cost sensitive connection so i dont want to spend to much...

If you don't want to spend much then you can get 2811 ot 2821 router with an 8 port switch module (HWIC-D-9ESW).  This way you are using one device for both routing and switcing.  You would also need a WIC to terminate your T1. You can also use this box for VPN.

HTH

Reza

what about a 1941 ISR router? Have you looked at those? Any difference between 2811 and the 1941?

I have never used 1941 but I am using a 2800, 3800 and 3900.  1900, 2900 and 3900 are the new G2 devices.

Cool, thanks...

It looks like if i get a 1941, with a T-1 DSU, then maybe just get a unmanaged switch to connect to the fastethernet port will do the trick. This site doesnt have to be supercomplicated and managed, but it atleast needs to have IPSEC VPN connecticity.

I guess i can setup DHCP on the router, and let it hand out IP address to the unmanaged switch and the other devices on the network....

does that sound ok?

Yes, for just 8 users, you should be fine using a small device.

Make sure you buy the right license for the IOS to do VPN.

Good Luck

I have one more scenerio for ya...

Lets say i didnt want to get a T-1....so basically just scrap the idea i have in my previous posts...

Could I get a DSL line with a Dedicated IP address? then i could implement the ASA 5505 then maybe a Voip adapter on the other side of the Firewall..?

The reason I ask is becuase they wont need much bandwidth at all, just the VPN L2L ipsec is imperative to have...

If I were to get a 8MG DSL connection with a static IP address...could i put the ASA 5505 behind the DSL modem, and then add a voip adapter behind the ASA ?

I don't understand what you mean by voip adapter.  The ASA only takes Ethernet ports. You can not connect any type of voice port or serial port to it. If T1 is too much bandwidth you can you use sub-rate T1 (512kb).  I don't think the price if a full T1 is very high these days.

Reza

no problem...

Here is what i need..(i know its hard understanding without actually hearing me)...

1. A good speed DSL line

2. Static IP

3. Voip for 3 phones

4.The ability to created a LAN2LAN ipsec tunnel

Can you tell me what I need and how I would connect them?

Did my last post make sense? lol....

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: