Hello. I am new to Cisco networking, although not new to networking itself. I am designing a network for my office and need some comments on the setup and questions below.
Right now, I'm thinking I'd like to have each department on separate subnets with a /20 net mask. I'd like to have a 1760 as the router/gateway for the entire office. Everyone in our company has to have gigabit Ethernet access (meaning every port on a switch has to be 10/100/1000). We also need VPN support so that staff on the road can connect in.
1) From what I have seen of Cisco's gigabit switches, it looks like "pure" gigabit switches are primarily reserved for wiring-closet, backbone type applications. Is this the case? Are there any Catalyst switches < 12000 series that support gigabit ethernet on every port? (Note that 10/100 ports w/ GBIC uplinks are NOT acceptable here.)
2) Currently I'm looking at a 1760-VPN/K9 bundle for our router. We are sharing a DS3 WAN connection with another firm in our building (currently we use a cheesy LinkSys router-in-a-box for net access). Will the 1760 have enough horsepower to run all of this?
3) I'm a little confused about the "stock" ports on the back of the 1760. We don't have a console to plug into the router for local management. The way I understand things now is that the AUX port can be used for remote management. Is this true? If not, how do I manage the router out-of-the-box? Also, is the 10/100 ethernet port used for internal or external access (or either)?
4) The Cisco configuration tool I used recommended a WIC-1DSU-T1-V2 WIC for outside-world access. Does this sound correct? If the stock 10/100 Ethernet port on the back can be used as the "outside world" interface, do I even need this card?
5) The tool also recommended a WIC-4ESW= 4port 10/100 switch card for LAN connections. With IOS, can each port on this card be configured to act as the gateway for a subnet? The way I'm envisioning this right now is:
Internet --> 1760 --> Gigabit Switch for each subnet --> Clients
As I said, I'm a newbie to Cisco so go easy on me. :-) TIA.
When supplying a technical solution, it is important to understand most, if not all, of your reqs.
All your users require GbE access? That seems a little extreme unless every one has a unix workstation under their desk. How many users/buildings/what apps? QoS?
If you are running a DS3 to the wan, then a 1760 should be able to handle it. A DS-3 is only 45 Meg. It is the number of transactions that may have an impact on buffering and such.
Cisco has recently released the 2970 GbE switch, which has both 24 and 48 CuGbE ports and is relatively (by Cisco terms) affordable.
As far as your router goes, it should have a console port and the cable should be provided. Using HyperTerminal and a serial connection, set HyperTerminal to use 9.6,8,N,1 and no flow control and you'll be in.
The interface you need on your router is really dependent on what your Demark interface is. You need your WAN link to plug into your router. Your service provider should be able to tell you what interface you need or what will be provided.
Answer the questions above and I'm sure we can help you out. Also, be sure to keep the Forum updated on your progress. This could be a lot of help for others with the same sort of questions.
Thanks for the reply Bo. I've spent the morning doing some more reading and have a clearer idea as to what I need.
We are a graphics company that will be transferring lots of really large files across the network, so GbE is a must. My updated thinking is that the subweb for the graphics department should be GbE, but "ordinary" users should only need 10/100 speeds for web access and small file transfers. That will at least save some money for us. All users are in a single office right now.
QoS is a definite plus, but not required.
I've also realized that I will have to have some sort of terminal to access the router, at least for initial setup. I will be looking into that.
Based on what I have read, I'm starting to question if I need a WIC. Our existing connection requires no special hardware on our end to get online. All we do is plug into an ethernet cable; everything beyond that is handled by the other firm we are sharing the pipe with. Given this scenario, it doesn't seem like I need a WIC if I can simply use the onboard 10/100 Ethernet port for outside-world access. Can the onboard port be used in this manner or am I way off base?
Ultimately what I would like to see happen is for the 1760 to act as if it has 5 NICs in it: the onboard 10/100 plus the 4 on the WIC-4ESW. I could then configure each of these four ports to act as the gateway to a particular subnet. Is this possible or have I missed the boat?
While I'm at it, I'll throw another wrench in the mix: NAT and DHCP. I assume that the 1760 would be able to NAT this connection for anyone inside and perform port forwarding to any system inside the network? Also, I'd like to be able to run a DHCP server for each subnet so clients don't have to worry about manually configuring IP addresses, etc. Is all of this possible with this setup?
Geesh, my head is swimming right now. Someone please help me clear it! :-o
This is all possible. However, break it down into one project at a time.
Let's look at the number, type and locations of connections you need:
Let's look at limitations based upon the infrastructure selected.
As far as using a 4wic card for routing, doesn't sound appealing and a bit more complicated than you really want to get into if it will work at all.
If you are just plugging into someone else's 10/100 port, then you won't need any WICs at all.
Realize that it doesn't matter how many GbE interfaces you have if the only routing you supply is 10/100. The only way to even utilize the GbE is to keep the GbE servers and users on the same subnet/vlan. Otherwise, you will need to buy a L-3 capable GbE device.
Terminal access? This could be just about anything. You could leave the console plugged into an existing PC and utilize a terminal server program and a modem to dial-in. You can hook a standard 56k modem to the aux port. What access are you trying to gain via 'terminal' access?
Dependent upon your architecture, you may not need any more than one router. I believe the 1760 is ISL/Dot1Q capable, so if we have separate subnets (at least an in/out for NAT) we can just create subinterfaces. This will fall out as we understand requirements better.
Answer the questions above, and then we can move onto NAT/DHCP/Switch Selection.
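The subinterface approach suggested in the reply above, together with the NAT, port forwarding and per-subnet DHCP asked about earlier in the thread, sketched as an IOS configuration. This is an added example, not a configuration posted by anyone in the thread; the VLAN IDs, addresses (documentation ranges and constructed /20 subnets), pool names and the internal server address are assumptions, and it presumes the 1760's IOS image supports 802.1Q trunking as the reply believes.

```cisco
! Constructed example: VLAN IDs, addresses and names are assumptions.
! Keep gateway and server addresses out of the DHCP pools.
ip dhcp excluded-address 10.10.16.1 10.10.16.20
ip dhcp excluded-address 10.10.32.1 10.10.32.20
!
ip dhcp pool GRAPHICS
 network 10.10.16.0 255.255.240.0
 default-router 10.10.16.1
 dns-server 192.0.2.53
!
ip dhcp pool OFFICE
 network 10.10.32.0 255.255.240.0
 default-router 10.10.32.1
 dns-server 192.0.2.53
!
! The single onboard 10/100 port carries every VLAN as a dot1Q trunk.
interface FastEthernet0/0
 no ip address
 no shutdown
!
interface FastEthernet0/0.10
 description Outside: Ethernet handoff from the shared DS3
 encapsulation dot1Q 10
 ip address 192.0.2.2 255.255.255.0
 ip nat outside
!
interface FastEthernet0/0.20
 description Inside: graphics subnet gateway
 encapsulation dot1Q 20
 ip address 10.10.16.1 255.255.240.0
 ip nat inside
!
interface FastEthernet0/0.30
 description Inside: general office subnet gateway
 encapsulation dot1Q 30
 ip address 10.10.32.1 255.255.240.0
 ip nat inside
!
ip route 0.0.0.0 0.0.0.0 192.0.2.1
!
! Only the two inside /20 subnets are translated (PAT on the outside address).
access-list 10 permit 10.10.16.0 0.0.15.255
access-list 10 permit 10.10.32.0 0.0.15.255
ip nat inside source list 10 interface FastEthernet0/0.10 overload
!
! Port forward: expose one service on one internal host, nothing else.
ip nat inside source static tcp 10.10.16.10 80 192.0.2.2 80
```

The switch port facing the router must be an 802.1Q trunk carrying VLANs 10, 20 and 30. Traffic between the two inside subnets still crosses the router's 10/100 port, so the GbE servers and their users belong together in one VLAN.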
Users and servers are going to be ramped over the next several months. We're a new company so we are basically building from the ground up. Currently there are ~20 users and ~5 servers. Projections have that headed north of 60 users and who knows how many servers in 6 months.
Physical layout is one of the things I'm trying to determine right now. I have a general idea of what it is all going to look like, but that tends to change every time I ask about it. I do realize that physical connections on both sides will need to be firmed up before I nail anything down for sure. ;-)
I know that all the GbE users are going to have to be on the same subnet (part of the reason I need to know physical layout). The large file transfers are only going to take place on that subnet, so I know they will all have to be on the same GbE switch and subnet. Outside of that subnet, access (and routing) will only be 10/100, but they will only go outside their subnet for internet access, etc. where 10/100 speeds won't be noticed. All other users only need 10/100 speed.
By 'terminal' access, I was referring to actually logging into the router for initial configuration. But I believe that I have that one licked by just sticking an old system in our wire closet and plugging the serial port into the console port on the router.
I'm glad to hear I wasn't completely off base with the WIC thing. I'd imagine I'll at least need some sort of LAN card to connect to the LAN if the onboard port is used for the WAN, but we'll get to that. ;-)
So here are the projects I have in my mind right now:
1) Determine physical layout of office. Everything comes into one wire closet, so physical running of wires will be part of that.
2) Determine desired network topology (meaning who needs gigabit, who goes on what subnet, etc.). Right now, I'd like this broken down by departments. At the very least, the graphics guys need their own subnet with GbE so they don't swamp the other local users when they are copying these files, right?
3) Determine equipment. Like I said, I'm hoping this can all be done from within one box. :-)
4) Move on to bigger and better headaches, err... projects. NAT, DHCP, etc.
I appreciate your patience with me. Please post your next batch of questions. :-D