Solved

2811 Router for Firewall

Posted on 2010-09-15
7
535 Views
Last Modified: 2012-05-10
I have a Cisco 2811 Router, and I would like to get my CCNA/Security Cert. Will this router function as a firewall for my lab inviroment?

If not what would you sugest?
0
Comment
Question by:troy93955
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 9

Expert Comment

by:ffleisma
ID: 33688384
If you are familiar with GNS, you could make a lab setup for various Cisco IOS routers, PIX and ASA. Packet Tracer could also help you on simulations with AAA, latest version 5.3 has RADIUS and TACACs server on it.

Glad to help you if you wish to use GNS. :-)
0
 

Author Comment

by:troy93955
ID: 33688413
I have:
2 2850's (Sorry messed up on first post)
4 4811
3 2950 Sw
1 3550 Sw

I was kind of hoping to build a sweet lab. I recieved all the equipment for free so was no money out of pocket (Yet). But I seem to be a little obsessed right now with the whole lab thing.

Your thoughts?

What is GNS anyway? I have heard of Packet tracer though.
0
 
LVL 22

Assisted Solution

by:Matt V
Matt V earned 100 total points
ID: 33688430
Current IOS versions can be purchased with the basic firewall and stateful firewall editions for the 2800 series.

These editions will allow you to do the required prep work for the CCNA security.  PIX is a dead technology, but if you come across an ASA that would be good practice as well.
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 
LVL 9

Accepted Solution

by:
ffleisma earned 400 total points
ID: 33688448
GNS is an emulator for Cisco IOS, unlike simuators like Packet Tracer, it actually runs a real Cisco IOS, it can also handle PIX and ASA great for building virtual Labs without spending a dime.

Also, you can setup a lab in GNS, use your existing ethernet card on your PC, then interface it from the virtual environment towards a physical switch/router.

if need materials you can go to link I found, great complete materials. everything you need

http://www.careercert.info/2009/08/cisco-ccna-security-certification.html

looking at the coverage for CCNA security, I think Packet Tracer can handle most of the labs needed there.

but if your planning on continuing to CCSP, you'll have to have hands on ASA.

Link to GNS is below

http://www.gns3.net/

I know this would open a lot of questions for you man, just fire on, be glad to help.

For me I've been using GNS to complete my CCNP, done incredible labs for my BSCI, and sometimes even before I deploy a solution in my job, i usually simulate first on GNS.

0
 
LVL 9

Expert Comment

by:ffleisma
ID: 33688463
I've looked further into the coverage for CCNA security. I think you won't have much probelm using your existing equipment as long as you have the IOS with features for VPN, IOS firewall, and IOS IPS. I suggest upgarde your IOS to advance enterprise if you can.

Besides that, another configuration would be AAA. you'll need to setup a TACACs or RADIUS server, there are a lot of freeware RADIUS server that runs on linux, a few on windows. I found a 30 day free TACACs linked below.

http://www.xperiencetech.com/download/gettrial.asp
http://www.xpresslearn.com/tools/software-tools/cisco-tacacs-server-for-windows

If you don't want to fuss over intalling a TACACs/RADIUS server, then using Packet Tracer 5.3 would be sufficient for practice, it has TACACs and RADIUS there that you can play with.

0
 

Author Comment

by:troy93955
ID: 33688522
sorry dude let me get my head out...
4 1841,s
2 2811,s
0
 

Author Closing Comment

by:troy93955
ID: 33688536
Thanks Guys
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Make the most of your online learning experience.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question