I am planning to replace the Cisco 871 router in our main office, because we are adding a second router-to-router VPN connection, and because of some problems with the 871 that I think are IOS version-related (see thread557-1621809). I'm hoping to get some advice from the "real world" on what would be the best fit for our implementation.
I did call a couple of vendors, each of whom conferenced me in with their Cisco rep. One rep said the 881 router should be fine for our setup. The other said we should go to the ASA 5505 because of the additional VPN connection. Also, in the thread mentioned above, I got a recommendation from brianinms that we upgrade to a 1941 router.
Here's the setup:
The two VPN's are for after-hours access to email and a scheduling database for a couple of staff members, each terminating at an IOS router at their end. Durning business hours the users are here in the office, so tunnel traffic would be virtually nil.
Internet connection at the office is a 512K channel of our T1 (the rest is for voice lines handled separetely). Behind whatever device we end up getting for the main office will be:
Small Business Server (w/Exchange and Extranet servers)
10 workstation w/ Internet access
5 workstations w/o Internet access
4 network printers
WiFi AP for 15 in-vehicle event recorders (they download their content to an internal server via wifi when they return to our site. It amounts to a maximum of about 15 minutes of activity each per day)
Currently the 871 is functioning as firewall (CBAC) and DHCP server and implementing NAT.
The 881 would be an improvement over the 871 it replaces, just because of more memory and Zone Based firewall, plus whatever else Cisco has added in the past 3 years.
The 1941 is outside my current budget (small family business).
The ASA is a bit scary because I'm not at all familiar with the programming. I know it's similar to IOS, but I'd still have a lot steeper learning curve than with an IOS device of any kind. Is the VPN performance going to make THAT much difference in this scenario?
I appreciate any opinions and experiences anyone can share.
I did call a couple of vendors, each of whom conferenced me in with their Cisco rep. One rep said the 881 router should be fine for our setup. The other said we should go to the ASA 5505 because of the additional VPN connection. Also, in the thread mentioned above, I got a recommendation from brianinms that we upgrade to a 1941 router.
Here's the setup:
The two VPN's are for after-hours access to email and a scheduling database for a couple of staff members, each terminating at an IOS router at their end. Durning business hours the users are here in the office, so tunnel traffic would be virtually nil.
Internet connection at the office is a 512K channel of our T1 (the rest is for voice lines handled separetely). Behind whatever device we end up getting for the main office will be:
Small Business Server (w/Exchange and Extranet servers)
10 workstation w/ Internet access
5 workstations w/o Internet access
4 network printers
WiFi AP for 15 in-vehicle event recorders (they download their content to an internal server via wifi when they return to our site. It amounts to a maximum of about 15 minutes of activity each per day)
Currently the 871 is functioning as firewall (CBAC) and DHCP server and implementing NAT.
The 881 would be an improvement over the 871 it replaces, just because of more memory and Zone Based firewall, plus whatever else Cisco has added in the past 3 years.
The 1941 is outside my current budget (small family business).
The ASA is a bit scary because I'm not at all familiar with the programming. I know it's similar to IOS, but I'd still have a lot steeper learning curve than with an IOS device of any kind. Is the VPN performance going to make THAT much difference in this scenario?
I appreciate any opinions and experiences anyone can share.
