Solved

Cisco 881 or 1921 router

Posted on 2011-02-22
9
2,385 Views
Last Modified: 2012-05-11
I am looking at solutions for a branch office.  Currently it has an ADSL connection, coming into an ASA 5505.  There are site to site vpns, some client vpn traffiic.  Office is 10 users.  We have a need to add more bandwidth but getting a T1 is cost prohibitive at the moment.  So I've added a second DSL line.  I need another device to perform some type of load balancing or traffic shaping as the 5505 cannot do that.  The 2nd DSL line is going to be reserved for one application or user.

I am choosing between the 881 and 1921.  Obviously the 1921 is a better device but is is overkill for this scenario?  Would I still use the 5505 as a firewall regardless.  Seems like neither device could replace the ASA firewall capabilities.  There also remains the possibility of going to a T1 down the line, maybe a year or so.
0
Comment
Question by:dmwynne
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 12

Expert Comment

by:Fidelius
Comment Utility
Hello,

Cisco 1921 is maybe overkill for this scenario, but is more future proof concept if you will upgrade to T1, also it will easier support more users. Also, if you will using it as firewall, 1921 is definitely way to go. It can do almost everything ASA 5505 does, and regarding VPNs:
        
 Cisco Product Matrix
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/prod_brochure09186a00801f0a72_ns171_Networking_Solutions_Brochure.html

Hope this helps!
Regards!
0
 
LVL 6

Expert Comment

by:wpharaon
Comment Utility
I would get the 1921, as you see future requirements would be fulfilled
0
 
LVL 34

Assisted Solution

by:Istvan Kalmar
Istvan Kalmar earned 50 total points
Comment Utility
Hi,

you able to us 2 WAN with ASA 5505 if you buy SEC+ feature!
If you need T1 card you need to bux 19xx series!

Best regards,
Istvan
0
 
LVL 14

Author Comment

by:dmwynne
Comment Utility
Fidelius:

Is the firewall on the 1921 the exact same as the ASA?  I thought the ASA was more robust as its built as a firewall not a router then firewall.



ikalmar:

I believe you are able to use two WAN in a failover scenario but not use them simultaneously in a laod balance setup.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Expert Comment

by:ThomasChristory
Comment Utility
I would still keep the asa as a firewall, maybe in transparent mode though.
0
 
LVL 14

Author Comment

by:dmwynne
Comment Utility
It is not clear to me if the 881 can handle two internet connections.  Can anyone confirm that?  Seems like it can only handle 1 wan ethernet handoff.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
It knows 8 vlans so you able to do it:

http://www.cisco.com/en/US/prod/collateral/routers/ps380/data_sheet_c78_459542.html

So I think you able to use it with 2 WAN connections...
0
 
LVL 12

Accepted Solution

by:
Fidelius earned 300 total points
Comment Utility
Cisco IOS firewwall and ASA are almost the same.
Here you can find good discussion about it: https://learningnetwork.cisco.com/thread/4995
I think it will answer all your questions regarding IOS firewall and ASA.

Regarding termination of 2 WAN connections on 881, it should be viable configuring VLANs for each DSL line, as Istvan suggested in his posr.

Other solution is to put L2 managed switch in front of 881. Create two VLANs, one for each DSL line, and connect it through trunk to WAN port of 881, on which you need to create sub-interfaces for each VLAN. I can send you config if you need it.

Regards!
0
 

Assisted Solution

by:ThomasChristory
ThomasChristory earned 150 total points
Comment Utility
or you can go with one 891/2 which has 2 native wan ports :-)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud.  Where is your data? Who can access it? Will it be safe from accidental deletion?  All of these questions and more are imp…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now