Currently our network looks like the attached image (current.jpg)... pretty simple really.
But we are adding capacity from a 1.5Mbs T1 to fiber 10Mbs. The fiber connectivity is delivered via Ethernet, but we are still required to have routing equipment. They deliver the service routed behind our interface (E0 x.x.x.126). We will also be adding several NAT'ed VLANS to the area behind the firewall in the near future.
My initial thought was to use one of the Integrated services routers that has a firewall built in but I am not sure how the firewalling and NAT would work if they are delivering behind our side of the interface. Is it done with virtual interfaces? Would we need to add a switch module to the router? Would we be better off with a more traditional router and a pix?
Since the Bandwidth you are going to have in your site is more i would suggest to go for individual devices to take care of the functionalities like routing/security instead loading all the functionalities onto a single device which could make the device to hang or freeze up..
On the operations point of view too you will have ofcourse multiple devices but you will be able to figure out what has went wrong or the possible reason for the problems instead having all the functionalities in a single device and hitting the bush :-) ..
Actually I had recently attended a meeting at cisco where they were promoting ISRs. They had shown some statictics from third party tests that a 3845 can sustain a WAN link of 50 Mbps with concurrent voice,video and data applications running.
Pls check the following links for the test reports:
Also I was seeing your diagram. You have mentioned a subnet of C class. Which means your network consists of not more than 254 computers. Even if we provision expansion, then also I think ISRs are right choice for you.
I think you should definately go for ISR. This will help you save lot of money.
In my current setup I have all of my machines behind a firewall with port forwarding to select services. My new isp is used to traditional routers, they tell me that they will route my ip block (a /27) to behind my interface (x.x.x.126) in my attached picture. I guess I am just hung up on understanding how the configuration would look with routing, firewall, and NAT with an ISR. I will be breaking new ground and wont be able to count on my ISP for help on this as they dont know anything about the ISRs.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...