Gonna go CISCO 2514 soon, Newbie questions

[MercuryK52]

Alrighty! I'm tired of this netgear P.O.S and I'm tired of the D-Link P.O.S I had before heh and wanna go all cmd line based and have full control, and have something which does not crash for me once every week or as soon as the WAN connection becomes a bit cramped.

I think 2514 is the way to go here with two 10mbit ethernet ports.

I've got a 2.5mbit ADSL connection (which will become 8 in the near future) with a static IP, no login information or anything like that is neccessary. I basically jsut eneter the IP, Gateway and DNS info and I'm up n' running.

I think i will be able to handle setting up a CISCO via the information which s available in books and on the internet. What I do want to know is

1. Which IOS version I need (I will state my needs farther down)
2. How much an IOS license costs
3. If it's feasable / your own oppinion

Alright, I'd like to basically have the same functionally as in a normal std. NAT router.

This is what i've got right now:
WAN IP -> NetGear NAT router -> Simple Cheapo Switch -> [Internal Network]

I've got a couple of webservers, a ftp server, P2P Community Software. So ports need to be opened for those with free acces basically. I also run a WINS and DHCP server but I'd like to move that duty to the CISCO router.

I run some software which would require me to route specific ports to my workstation (which has got a permanent IP lease). Sofware like ICQ, Lotus Notes, DC and so on. I do have a gamer on this network so I guess I'd need to open up some ports there aswell.

...and that would be all.. so in conclusion

NAT
DHCP (WINS to?)
Open ports for my Server Aps (everyone allowed to access ports)
Open ports for my workstation Aps (everyone allowed to access ports)
I do have one ap which only on IP has access rights to.

Feasable? Comments?

Thanks a bunch btw! First post in here and all :]

 

[lui3]

linksys is made by cisco and does a fine job. picks up where netgear and dlink fall short. cisco badges it.

you may also want to look at a cisco 800 series dsl router since it will run the newer ios and you will get tech support on it. the 2514 can work but its a dinasour.

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[MercuryK52]

Mmm, a CISCO 800 would indeed do the job. But I was looking at the prices aswell. While they almost throw 2514 routers at you while a CISCO800 costs 450USD+ new, and is very ahrd to come by used (I live in Sweden)

 

[juniperr]

I wouldnt use a router at all I would put in a cisco PIX 501 so you get the firewall capabilities including IDS, FIXUP protocols, vpn, auth proxy, ssh, etc.. has a web interface ( i dont recommend using it cause some advanced commands are not available use the CLI).

If you do get a router like a 2500 series get one with the firewall IOS this will give you vpn, ssh, ip inspection, and enable CBAC.

 

[lui3]

that will work as well. if i had to go with the 2514 get 16meg/16meg flash/ram and install the firewall ios like juniperr said. latest version 12.2 should run fine. however alot of the features will be implemented in software so you will not get the performance with vpn/cbac that you would get with a new 800 series or 2600 or even 3700 series routers. if you have a few vpn clients that will be fine. more you will run into probs.

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[MercuryK52]

Thanks for the replies!

Humm, I do not use VPN actually, so I've got no need for that specific functionallity.

But alright, now let's se. 16/16mb IOS 12.2 , will an earlier version work if I exclude VPN? or is 12.2 the way togo nonetheless?

Ohh a question..what's up with the i, i-j, is etc stuff in the name of the IOS images, like 2003-ij-12-21 (or something)? I've been checking out some 2514 on the used market and there are these funky ios image names displayed in the std. boot up screen.

Also, 2514 might be..old to say the least, but I've gotten the impression that if I know how to set up a 2514 then I'll basically know how to set up a 2621 and some other models..I might be wrong tho. So, me thinking about getting a 2514 is not just to get functionality but to get a bit of a challenge and all.

 

[Jsteve]

The 2514 are EOL and cisco will not support it. The 800 will be the best for you (depending on the size of your company), it has a similar if not the same CLI as the 2500. So it wil be the same challange for you.

Check out these links for the IOS features i and j

http://www.cisco.com/warp/public/620/1.html

http://www.cisco.com/warp/public/620/5.shtml

Picking the correct IOS depends upon the type of hardware on the router and the software features you want to use. for example if you want to use IPsec, than you research what IOS supports that feature.

 

[MercuryK52]

Mm, but as I wrote earlier, a 800 series router costs +550USD (I made some further research regarding prices 450 was excl. VAT) over here, and that in itself is not feasable for me right now, it's to expensive. a CISCO 2514 on the other hand only costs 150USD.

Well 550USD is still cheap for being cisco and all (winder if IOS is included though...it's never typed out anywhere), I just thought I could get away with something even cheaper albeit low-tech in this connection.

In any case. those two links were really helpful. I made a search on IOS featuring simple NAT and it seems liek 12.2 is indeed the way togo there. But, I need to read up on all the features I need so that I can accurately pinpoint which IOS i'd need (unless someone just happen to know which features I need). I will actually also ask my UNI if they've got student license versions. One of my UNIs have student licenses for other softwares like Adobe, bunch of OS:es etc for free (they are, however, only valid untill a student leaves).

 

[ccmuser]

2500 will be fine.. you can pick on up for under 50 bucks US all time(I have seen as little as 15).. 2600 are pretty cheap now too.. Not a bad option considering it has a NM mod slot that greatly increases the number of supported interfaces and rates.. not to mention VOIP capable.
If it was me I would buy the 2500 and then keep my eyes open for a steal on 2600 or 1700

 

[MercuryK52]

Mm, I'm definetly gonna keep my eyes open for a 2621 later on. My connection will be upgraded to 26/26 eventually, which means that I'd need something capable of that throughput...10mbit won't cut it.

I am gonna keep my eyes open on the used market regarding the 800 series aswell although those are scarce. Even 2621 are easier to find although they still are quite expensive over here. I'd probably have one imported from US. But first thing first...


A small question...I read another thread at another forum and they talked about using serial/ethernet for wan etc.

This is a possible setup is it not?:
WAN IP from Cable Modem -> #et0 -> [2514] -> #et1 -> Switch -> [Internal Network]

...that I'll hook up one ethernet interface to the cable modem (WAN) and the other one to my LAN? Some guy said that it wouldn't work and that one of the serial ports should be used instead (only 1.5mbit)...sounds kinda strange.

Also, I read about the various functions in the IOS 12.1 software and homed in on the "Port Mapping" function. That function is not available on the 2514 model it seems. Is port mapping not the same as port forwarding or have I gotten everything wrong?

 

[ccmuser]

If you look you can get a 2600 pretty cheap in US just keep eyes open they just end of lifed them so prices will start to drop faster now. You ethernet config should work fine. use port forwarding or even route-maps for inbound traffic.


Good luck.. it looks like you should have everything you need.