we're founding a small consultancy business and therefore I need to setup a network.
I have basic knowledge and experience with Cisco IOS for routers and Catalyst switches as I setup and managed T1-, DSL-, Dialup-, Firewall- and LAN-connections with Cisco systems ranging from 800 to 3600 series. But this was 8 years ago.
As being computer scientists and IT-specialists we want to manage the network by ourselves.
The following diagramm gives a brief overview of network topology and services.
The main idea is to subdevide the hosts into one server LAN and one or more user LANs. For the moment all networks are going to be wired networks.
Basically I need assistance in selecting the right router system. It should be affordable for a small business.
I think a 892 router would do a great job, if
it supports the PPPoE client protocol on the FE WAN Link
it can negotiate network configuration from PPPoE and setup the default gateways dynamically while preserving the static routing configuration for local subnets
the GE WAN interface can be used as LAN link to the servers' LAN
it can do NAT between the ADSL WAN Link interface and the workers' LAN interface
it can do port forwarding (PAT) between the FE WAN (ADSL) interface and the LAN interface to the servers' LAN (cf. 3)
it can perform filtering (ACL) and perhaps statefull packet inspection on connections to the servers' LAN
it can perform content filtering on the interface to the workers' LAN interface
the ISDN BRI interface can be used for inbound and outbound PPP connections
It would be nice, if experts give answers on those questions.
In my scenario the interfaces would connect according to the following list:
FE LAN -> Workers' LAN
#1 GE WAN -> Servers' LAN
#2 FE WAN -> ADSL PPPoE Internet Connection
At the beginning I would want to use the 892 router's internal switch and later upgrade with an gigabit switch.
I'm not sure how to deal with the perdiodic connection reset done by the ISP. Specialists at the ISP company said, the IP/PPPoE connection is interrupted by their systems every 24h and can immediatelly be (re-)established by our systems by simply reconnecting to them. Maybe somebody can tell his experience with similar scenarios, especially along with busy WAN connections.
The ISP specialists also mentioned, that their CPE router can be configured to bridge-mode or can be totally substituted by one of our router systems. I think I would need a ADSL over ISDN (Euro) WAN interface, which afaik in the 800 Series routers isn't manufactured along with 2 G-/F-E interfaces.
The 892 routers include one ISDN BRI interface, which I would like to use for inbound PPP connections without having a RADIUS or LDAP service. I think it can be done with basic AAA directly on the router. Is that right?
I'm looking forward to get some feedback from you.
# it supports the PPPoE client protocol on the FE WAN Link Yes it can # it can negotiate network configuration from PPPoE and setup the default gateways dynamically while preserving the static routing configuration for local subnets Yes it can # the GE WAN interface can be used as LAN link to the servers' LAN Yes it can # it can do NAT between the ADSL WAN Link interface and the workers' LAN interface Yes it can # it can do port forwarding (PAT) between the FE WAN (ADSL) interface and the LAN interface to the servers' LAN (cf. 3) Yes it can # it can perform filtering (ACL) and perhaps statefull packet inspection on connections to the servers' LAN Yes it can (requires Adv Security IOS) # it can perform content filtering on the interface to the workers' LAN interface It can not do this # the ISDN BRI interface can be used for inbound and outbound PPP connections Yes it can
Your ISP clearing your connection is a bit strange. If they use DHCP it shouldn't be too big of a problem as the router will automatically try and get another one. I would place the DSL modem into bridge mode, it makes troubleshooting easier. I don't have any experience with ADSL over ISDN so I'm afraid I can't help you there. You can 'emulate' AAA on the router by using the local database.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...