I need a VPN solution for multiple situatjions. Background: Simple LAN with unmanaged switches with single server 2008 running inventory application with about 20 users. I need to get a VPN solution to allow 2 things:
1) Allow telecommuters to connect and operate as on LAN.
2) A rented warehouse needs to connect on a "permanent" connection to access inventory.
I will need this to be scalable for growth as we are growing fast.
I would take a look at the ASA5505. It will support both of your requirements and you can license it, to increase users, as you grow.
Here's a datasheet for the ASA line-
(I am so confused! - So many choices! - So many questions!!) What about the Cisco871-W-G-A-K9? What makes one better than the other?
Would you recommend the 5505 over the 5510 for my situation?
If I go with the 5505, is there a particular configuration or are there some upgrades that you would recommend (or are there any)?
Is there a device that I should use in conjunction with either of these (5505/5510) for the warehouse?
The 871 will work too. Since it's a lower end router, the VPN will consume more resources. The ASA is a dedicated firewall and VPN device. The router does have come features that the ASA doesn't.
if you go with the 5505, there are a couple of licensing options; a 10 user license, and 50 user license, and an unlimited user license. You can also purchase the Security Plus license which will give you a couple of more features.
The warehouse can have an 5505 or an 871. I personally would keep them the same for the reasons in the first paragraph.
I'm sure all I did was create more questions for you. I'm happy to answer them, but it may be more beneficial for you to contact your local Cisco office. They have dedicated people to come and talk to you, learn your environment and the variables, and then come up with a design and product selection (for free).
Sorry it took so long to reply, I went out of town. Anyhow... Yes, you did create more questions, but not too bad. If you are talking no more that 10-15 people, and on a semi-tight budget, would the 871 be a better selection? Which is more of a "Turn Key" solution and easier to maintain/administer?
I took a look at the list pricing for each with maintenance and they are close enough to each other that the pricing should not be a factor. IMO the ASA5505 will be easier for you to manage since it has a GUI. The router does have one but it is not as evolved as the one for the ASA (called ASDM and comes free with the ASA).
Okay - Maybe one last question then - On the ASA, what would the part number for a VPN with Firewall solution? I see so many different options/configurations/part#'s that, if I spend too much time - I get a hangover. I have looked at the "Small Business Product Guide" and see a few choices, but don't want to over/under purchase. If I need +/- 10 users to connect either IPSec or SSL and would like the Anti-Virus and Firewall options, what would be the part number - or is this configuration not available?
The data sheets are a bit misleading. There really is one firewall, they just call them different additions (because of licensing). Introducing the AV option requires the ASA5510.
Here's the part number for the physical firewall and the Content Services module:
ASA 5510 Appl w/ CSC10, SW, 50 Usr AV/Spy, 1 YR Subscript
Maintenance on the ASA:
SMARTNET 8X5XNBD ASA 5510 Appl w/ CSC10,SW,50 Usr AV/Sp
SSLVPN User Licensing (comes with 2 free):
ASA 5500 SSL VPN 10 Premium User License
ASA 5500 SSL VPN 25 Premium User License
You'll need to decide what features you want at the remote site. If they are the same, then x2 the above.
Really great help here! +5 points for your superb follow-up and excellent info.