05-05-2009 07:22 AM - edited 03-06-2019 05:32 AM
Hi guys,
I'm looking for a basic Cisco router I can use in a "router on a stick" scenario to route traffic for our video conferencing system either across our IPSec VPN network or through our Checkpoint firewall to the web. Our main gateway handles other traffic so I want to keep this link seperate. It will need to support HSRP in case of failover.
Would the Cisco 871 router be up to the job for 2 VC units that are not heavily used?
Thanks,
Martin
Solved! Go to Solution.
05-05-2009 07:49 AM
The 871 does support subinterfaces. Here is a sample I just tried placing on an 871 to be sure. I also included the show ver. Perhaps it is a IOS thing. I also know that the 851 does not support it. I also believe the 831 does not, though I am not certain on the 831.
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet4.1
description Voice Vlan 65
encapsulation dot1Q 65
ip address 10.65.1.2 255.255.0.0
ip helper-address 10.1.1.10
ip helper-address 10.1.1.11
ip flow ingress
no snmp trap link-status
no cdp enable
!
interface FastEthernet4.2
description Voice Vlan 10
encapsulation dot1Q 10
ip address 10.1.10.2 255.255.254.0
ip helper-address 10.1.1.10
ip helper-address 10.1.1.11
ip flow ingress
no snmp trap link-status
no cdp enable
yourname#show ver
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(6)T, RE
LEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Thu 23-Feb-06 04:00 by ccai
ROM: System Bootstrap, Version 12.3(8r)YI3, RELEASE SOFTWARE
yourname uptime is 1 hour, 12 minutes
System returned to ROM by power-on
System image file is "flash:c870-advipservicesk9-mz.124-6.T.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco 871 (MPC8272) processor (revision 0x200) with 118784K/12288K bytes of memo
ry.
Processor board ID FHK102950SK
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
5 FastEthernet interfaces
128K bytes of non-volatile configuration memory.
28672K bytes of processor board System flash (Intel Strataflash)
Configuration register is 0x2102
05-05-2009 07:30 AM
I'm not able to create sub-interface on a 871 (test router), I don't believe it supports it. The 1800 series should work for you though.
Hope that helps.
05-05-2009 07:35 AM
Hi Collin,
Thanks for the quick reply. I was hoping I could build a similarly simple configuration I have with the old 3600 router that's way out of warranty and needs to be replaced.
I've simply configured an HSRP IP address so the new router can be slotted in with no downtime and created about a dozen static routes for the VC gear we reach across our IPSec network plus a default gateway pointing to our Checkpoint for any internet based links. The IPSec links, by the way, are provided by another router so all this unit needs to do is throw the traffic in the right direction.
Thanks,
Martin
05-05-2009 07:49 AM
The 871 does support subinterfaces. Here is a sample I just tried placing on an 871 to be sure. I also included the show ver. Perhaps it is a IOS thing. I also know that the 851 does not support it. I also believe the 831 does not, though I am not certain on the 831.
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet4.1
description Voice Vlan 65
encapsulation dot1Q 65
ip address 10.65.1.2 255.255.0.0
ip helper-address 10.1.1.10
ip helper-address 10.1.1.11
ip flow ingress
no snmp trap link-status
no cdp enable
!
interface FastEthernet4.2
description Voice Vlan 10
encapsulation dot1Q 10
ip address 10.1.10.2 255.255.254.0
ip helper-address 10.1.1.10
ip helper-address 10.1.1.11
ip flow ingress
no snmp trap link-status
no cdp enable
yourname#show ver
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(6)T, RE
LEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Thu 23-Feb-06 04:00 by ccai
ROM: System Bootstrap, Version 12.3(8r)YI3, RELEASE SOFTWARE
yourname uptime is 1 hour, 12 minutes
System returned to ROM by power-on
System image file is "flash:c870-advipservicesk9-mz.124-6.T.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco 871 (MPC8272) processor (revision 0x200) with 118784K/12288K bytes of memo
ry.
Processor board ID FHK102950SK
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
5 FastEthernet interfaces
128K bytes of non-volatile configuration memory.
28672K bytes of processor board System flash (Intel Strataflash)
Configuration register is 0x2102
05-05-2009 07:53 AM
Martin
As Jeremy has confirmed the 871 does support 802.1q. It is down to the IOS feature set ie. you need Advanced IP services to support the 802.1q feature.
Jon
05-05-2009 08:13 AM
That's the weirdest thing. If I clear the config I can create the sub-interfaces and VLAN interfaces. If I create the VLAN interfaces first, I can not create sub-interfaces (the command takes, but no configuration). I am running 12.4(24)T though. Sorry for the mis-leading information.
05-10-2009 04:14 AM
Hi guys,
Thanks for all your replies. Looks like I will be able to do what I was hoping to.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: