2811 Router for Firewall

I have a Cisco 2811 Router, and I would like to get my CCNA/Security Cert. Will this router function as a firewall for my lab inviroment?

If not what would you sugest?
troy93955Asked:
Who is Participating?
 
ffleismaConnect With a Mentor Senior Network EngineerCommented:
GNS is an emulator for Cisco IOS, unlike simuators like Packet Tracer, it actually runs a real Cisco IOS, it can also handle PIX and ASA great for building virtual Labs without spending a dime.

Also, you can setup a lab in GNS, use your existing ethernet card on your PC, then interface it from the virtual environment towards a physical switch/router.

if need materials you can go to link I found, great complete materials. everything you need

http://www.careercert.info/2009/08/cisco-ccna-security-certification.html

looking at the coverage for CCNA security, I think Packet Tracer can handle most of the labs needed there.

but if your planning on continuing to CCSP, you'll have to have hands on ASA.

Link to GNS is below

http://www.gns3.net/

I know this would open a lot of questions for you man, just fire on, be glad to help.

For me I've been using GNS to complete my CCNP, done incredible labs for my BSCI, and sometimes even before I deploy a solution in my job, i usually simulate first on GNS.

0
 
ffleismaSenior Network EngineerCommented:
If you are familiar with GNS, you could make a lab setup for various Cisco IOS routers, PIX and ASA. Packet Tracer could also help you on simulations with AAA, latest version 5.3 has RADIUS and TACACs server on it.

Glad to help you if you wish to use GNS. :-)
0
 
troy93955Author Commented:
I have:
2 2850's (Sorry messed up on first post)
4 4811
3 2950 Sw
1 3550 Sw

I was kind of hoping to build a sweet lab. I recieved all the equipment for free so was no money out of pocket (Yet). But I seem to be a little obsessed right now with the whole lab thing.

Your thoughts?

What is GNS anyway? I have heard of Packet tracer though.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
Matt VConnect With a Mentor Commented:
Current IOS versions can be purchased with the basic firewall and stateful firewall editions for the 2800 series.

These editions will allow you to do the required prep work for the CCNA security.  PIX is a dead technology, but if you come across an ASA that would be good practice as well.
0
 
ffleismaSenior Network EngineerCommented:
I've looked further into the coverage for CCNA security. I think you won't have much probelm using your existing equipment as long as you have the IOS with features for VPN, IOS firewall, and IOS IPS. I suggest upgarde your IOS to advance enterprise if you can.

Besides that, another configuration would be AAA. you'll need to setup a TACACs or RADIUS server, there are a lot of freeware RADIUS server that runs on linux, a few on windows. I found a 30 day free TACACs linked below.

http://www.xperiencetech.com/download/gettrial.asp
http://www.xpresslearn.com/tools/software-tools/cisco-tacacs-server-for-windows

If you don't want to fuss over intalling a TACACs/RADIUS server, then using Packet Tracer 5.3 would be sufficient for practice, it has TACACs and RADIUS there that you can play with.

0
 
troy93955Author Commented:
sorry dude let me get my head out...
4 1841,s
2 2811,s
0
 
troy93955Author Commented:
Thanks Guys
0
All Courses

From novice to tech pro — start learning today.