1. Home
  2. Cisco Systems
  3. Proof of Concept needed.

Proof of Concept needed.

I am working on a project for a new remote office. Our current VPN/ Network set up has us using EOL'd equipment from another vendor. I have the opportunity to buy some new stuff with the project.

I am looking at getting a Cisco ASA 5505 for our main office, this would control all the VPN users and also the access into and out of our main location. We have an external webserver that is located here. Everything else is internal only (single network segment).

Then I am thinking of getting Cisco 871 Routers for the remote locations, there are going to be two right now. These will be set up for site to site VPN connections to allow remote access from these seperate segments. Currently one of the remote locations has its own DC, the second one will within 6 months have its own as we put more people into this location.

Sound like it should work? Am I missing anything blarring?

TIA.

Tim

Reply to
TimParker
Loading thread data ...

Sounds great except for the ASA...I'd look at aggregating your VPN tunnels onto a router with hardware encryption offloading. This is especially true if you have voice or other small packet traffic across the tunnels. Unfortunately, Cisco falls flat on encryption performance with many small flows with small packets. Dump the ASA and go with a decent router w/encryption engine.

Reply to
fugettaboutit

We won't be doing any voice at this point, too advanced for us right now. Which router would you recommend for aggregating the tunnels? I was figuring the ASA would be good for our remote users VPN clients and also the site to site ones. Always open for suggestions. I can go back to our source and see what other routers we might be able to get....

Look forward to hearing your suggestions.

Reply to
TimParker

what router would you recommend getting instead of the ASA. I can check and see if our non-profit source for hardware has any other models. Look forward to hearing your suggestion.

Tim

Reply to
TimParker

You might consider the 2800 series with an AIM (AIM-VPN/SSL-2)module. Depending on the specific 2800 router model, you can see IPSec performance from 30 - 100+ Mbps. Cisco will note large packet sizes, however (1400 bytes).

Reply to
fugettaboutit

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.