dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
20
share rss forum feed


kamikatze

join:2007-11-02
kudos:2

2 edits
reply to ImranUK

Re: [H/W] Home Setup - 50MB Cable Connection

Throughput. ASA can do wirespeed with pretty much anything you throw at it. And for home use you would only need a firewall,
ASA is one from mother nature.
The tiny 5505 is AMD Geode 500 MHz chip, bunch of DDR, linux kernel, ASA code on top of linux.

Disadvantages i had run into:
* No telnet/ssh client on the box itself, which doesn't seem much of a big deal but IT IS, especially if it's the only box lying around a network.

* No DHCP reservations.

I run a 1811 at home. It can max out my 100Mbps pipe any day of the week.


ImranUK

join:2005-02-08

said by kamikatze:

An 861 is able to push that but with no extra services enabled (firewall/IPS/crypto), just NAT and some ACL entries.

If you want more power look for a 1811/1812, they are super speedy for this job.

You'll also gonna need a 802.11n access point, a cheap D-Link/Linksys should do. No need to go Cisco for 11n home use.
I guess I will only require a few NAT rules and ACL entries.

Looking at the 1811/1812, cheapest possible available is £580 ish.

Someone has recommended a 2651XM which they use with a 50mb cable connection, any comments?

Which access point in particular would you recommend? I would possibly need something with a high gain antenna etc

said by HELLFIRE:

The 1801 - 1812 models, bar none. Avoid the 1841 and the lower end 28xx-series.
Only difference between th 180x and 181x models is an additional routed FA port.

If you're feeling daring, the ASA5505 should also be able to handle a 50Mbit pipe
and come in under the $500 price-mark, though I haven't had a chance to test one
to it's limits yet.

Regards
Thanks Hellfire, looking at the ASA5505

kamikatze, how difficult would a 1811 be to configure?

Thanks everyone

tibook
Premium
join:2010-02-15
Chesapeake, VA
reply to kamikatze

NAT reservations isn't a big deal, I can just assign static IPs beyond the leasing scope.

I assume though, that the ASA can't do things like QoS, or bandwidth restrictions on a certain port, or can it?

For home, I'm not too concerned about the firewall, just NAT, some port routing, and low latency/fast throughput.



kamikatze

join:2007-11-02
kudos:2

2 edits

said by tibook:

I assume though, that the ASA can't do things like QoS, or bandwidth restrictions on a certain port, or can it?
It can.

»www.cisco.com/en/US/docs/securit···p1064207

The security appliance supports the following QoS features:

•Policing—To prevent individual flows from hogging the network bandwidth, you can limit the maximum bandwidth used per flow. See the "Policing Overview" section for more information.

•Priority queuing—For critical traffic that cannot tolerate latency, such as Voice over IP (VoIP), you can identify traffic for Low Latency Queuing (LLQ) so that it is always transmitted ahead of other traffic. See the "Priority Queueing Overview" section for more information.

•Traffic shaping—If you have a device that transmits packets at a high speed, such as a security appliance with Fast Ethernet, and it is connected to a low speed device such as a cable modem, then the cable modem is a bottleneck at which packets are frequently dropped. To manage networks with differing line speeds, you can configure the security appliance to transmit packets at a fixed slower rate. See the "Traffic Shaping Overview" section for more information.

For home, I'm not too concerned about the firewall, just NAT, some port routing, and low latency/fast throughput.
You should be fine with any of the newer boxes, 891/181x/180x/19xx/ASA5505.

The 1800 series is just as simple/difficult to configure as any other Cisco router, nothing uncommon.

Try looking for 1801/1802, they are cheaper but you lose a routed Fa port. (just 1 routed Fa for WAN and the built-in switch for LAN). You should be able to find them way under 500, i paid 188 GBP for mine, but i stalked ebay for a while:)
Good luck!

Oh and as far as the 2651XM goes, don't even think about it, it's ancient technology, it spits blood at ~15-20Mbps. I have one in my lab, very nice gear but not for 2010.