I need to use a firewall in order to protect a public network for accessing the Internet. In my network, I have around 100-200 users and I want to allow them to use p2p software (like emule), although I would like to limit the bandwidth and number of sessions of those connections. I know I can do it with an ASA firewall, and the number of simultaneous connections supported (that is one of the major problems with emule-like apps) is very high. I would also like to use the system to give VoIP capabilities to some of the users (less than 20), so I'm thinking of using a 2800 router instead of an ASA firewall.
The problem I have is that I'm not able to find the number of simultaneous connections supported by the different 2800 models, and I would not like to use a router that could be overloaded because of p2p traffic.
Can I use a 2800 router for this situation or do I need an ASA firewall?
As for the solution you are trying to implement, and looking at the number of users, you are also looking to protect your internal network from the public network. I would really suggest going for the ASA 5500 series, but you can always choose the best model which fits your needs.
Thanks for your answer. I know that a good solution is to use ASA5500, but I would like to use the same equipment to give VoIP, so I prefer to use a 2800 router. It's not in my plans to use the firewall as anti-x, so I think I can use the embedded IOS firewall.
The network is not very big and is not going to grow very much. It is a small WiFi network and not all the users are going to use p2p applications.
What I would like to know is the number of maximum connections supported by the different 2800 models, or whether any of you have used this router in a similar situation without problems.
I got your point. We are currently using a Cisco 2851 router which is connecting our branches' core network over an MPLS cloud; we are tunneling with esp-3des encryption and have not seen any problem there.
Now, could you tell me, when you said that you want to know the number of maximum connections supported, what are you actually referring to?
Because given your scenario at the moment, I believe a Cisco 1841 series router will do just as well, but you can see the different model comparison at the link below.
I want to know the number of connections because edonkey-like applications open a very large number of simultaneous connections at the same time. As I want my users to use those p2p applications, I would like not to overload the router.
I.e., I'm now using a small firewall that supports 2.000 simultaneous connections, and as soon as some of the users start using emule/edonkey, the firewall crashes. It is not a problem of bandwidth, but of the number of simultaneous connections.