Equipment Support > Hardware By Brand > Cisco > [Info] Router and switch suggestions for small office

[Info] Router and switch suggestions for small office

Well there are a couple solutions. Do you need to meet HIPPA compliance or DoD/Federal standards?

For a T1 line (which I recommend against unless you need constant uptime):

Cisco 1921/41 (or 1841) for the router (also handles Call Manager), to a firewall (ASA or something else), to a Catalyst 3750. You can stack the 3750's and if you need more ports add another switch. You could also go for a heirarchical model by using the 3750's at the "core" and 2960's at the access. Alternatively, if your going to "flatten" the layers and use the ASA for internal routing, then go for a 2960G or HP Procurve. At this stage of the game I would go for a full gigabit switch if possible. I would also go for VoIP using Call Manager or some other solution as traditional PBX's have rapidly fallen out of favor.

Also, note that with 50-60 people on the internet it's going to get realllll slllooowww if they use it a lot. This is even more true if it's a fractional T1 as part of it would be used for phone. What I would say do if you have to use T1 is get a full T1 line, then an additional full or fractional T1 for phones.

For a Buisness class DSL or Cable Line:

Modem to ASA 5505 or 5510/other firewall to the same swithes.

Following is typical network setup of typical small office setup like you have.

You could consider to have both T1 and some broadband solution like DSL or Cable Internet where the T1 is (mostly) for the VoIP and the broadband is (mostly) for the Internet. Broadband bandwidth should be at least 20 Mbps to start with.

With this solution, you will need both the 1921 router and ASA 5505. The T1 connects directly to the router. The ASA connects to both the broadband and the router.

There are two GigabitEthernet ports on the router and two T1 slots. You can use one of the T1 slot to terminate the T1. You can then connect first GigabitEthernet port to the ASA and second GigabitEthernet port to a LAN switch.

The router should be providing default gateway for all machines. The router then will have some kind of static routes pointing to the T1 for all VoIP traffic and a default static route pointing to the ASA for Internet traffic.

That is what I was thinking as well. I will need to go look up a 1921. I

Thanks

reply to skokie
Out of curiosity, what's your budget?

There is no budget yet. I am getting ideas so I can get potential prices in order to tell the bossman that I will need etc amount

Okay...

What Aryoba mentioned was coincedentally right down the train of thought I was on The only difference is that I was thinking of an ASA5510 simply because you were speaking of "growth." With that being said, you'd want to budget to give yourself some room.

Additionally, if you wanted to save any additional cpu cycles, you could always look at pushing VoIP duties to another device. I run "PBX-In-A-Flash" behind my 871w (getting ready to upgrade to a larger router myself); "if" that were something you were willing to pursue, it's a solid option for voice functionality, otherwise, what's been suggested will "do you right" as well.

Jay

reply to skokie
Thanks for the input guys. I do appreciate it. Have not made any final decisions yet on anything but I am leaning toward the 1921/41 or a 2921. Switches will need POE and gige capable for the users. Made a call yesterday to get an idea of a price based off of what everyone posted etc.

Without a solid location it will be difficult but since I am looking for general info on pricing it should do. Thanks again and as I get closer to actually doing this I will come back to this thread and update it.

Oh yeah and I reserve the right to ask about 1000 questions to

skokie , make sure you review the following link before deciding to go with 1900 series.

»www.cisco.com/en/US/products/ps1···les.html

Depending on what kind of T1 circuit you are getting, the 1900 series may or may not support it. Your best bet is probably the 2900 series since the 2900 series support more features than 1900 series.

reply to skokie
Thought I'd toss in my 0000010bits.

The stackable 3750s is a pretty good idea, as you can stack another 24 or 48port switch as you grow.
If you want to buy big now, a 45xx switch may be the way to go, and add additional linecards as needed.
How fast does your friend think they'll grow?

I think others have well covered what model ISRs you should consider. Something I should mention
about the ASA is unless you're experienced with its security model and configs (eg. TCP MAP, ISN
randomization), CBAC and the newer ZBFW offers (nearly) as good a protection. Also the 5505 / Base
capabilities in my view is rather limited for what you get -- key being the 10 / 50 / UL user licence packs.
Also are you looking for a straight firewall with trust / untrust, or are you looking for added functionality
such as multiple security zones, security contexts / VRFs, and features such as IPS and AV? If the latter,
you'll have to look to the higher model ASAs as 5505 is limited to about the same amount of signatures
as IOS was back in 12.3 unless you get an expansion IPS module.

Another question you should ask yourself is besides the equipment itself, are you planning to get SMARTnet
for this stuff or not, which you should factor into the budget for this.

Let us know how it goes.

Regards

reply to skokie
Well I know that the 3750 with gigabit, PoE, and 48 ports will cost you about $10k per unit, unless you can get some kind of a discount. You can get a 1921 with T1-HWIC for about $1,400 and a 2921 with Voice bundle for about $3k.

Given the stupid-high markup for POE integrated switches, it's unlikely I'll ever buy one or recommend anyone even bother looking. PowerDsine makes midspan power inserters for less than the cost of a single port on a non-poe switch. They can be found very cheaply on eBay. Yes, it's one more device to fail. And it's a bit more cabling. BUT, switch+midspan is much cheaper than a poe-switch -- plenty cheap enough to keep backups.

(And for the record, there are enterprise switch vendors other than Cisco.)

As for routers... if you want something current and supported, the ISR G2 line (19xx, 29xx, 39xx) is where you should focus. If you will only ever need T1 speeds (up to about 6Mbps), then the 1900 line will do. For multi-megabit (DS3, subrate DS3, metro-ethernet), a 3900 will be needed to support those speeds with any services. (and NAT counts as a service.) If cheap, "works for now", is what you're after, I'd say find a used 3725 or 3745 -- they can be found for ~200 on ebay. (and when it becomes too slow for routing, it's a fine platform for voip.)

For people using a computer, a T1 is just way too slow. It gets even worse where there is more than one person. This I know far too well. :-(

Any new, current gen, Cisco gear is going to be expensive. Depending on where you are, DS3/Ethernet connectivity isn't all that expensive; more than business cable, but then it's an *actual* business service.

reply to skokie
sk1939:

I'm getting into using Juniper and actually like it. Though their pricing isn't THAT much cheaper than Cisco.

The one ISP I deal with recently switched from Cisco to Juniper, so I wanted to see what all the fuss was about.

reply to aryoba
Aryoba

I was on the fence about using the 1921/41 but that link knocked me over. I have pretty much decided on a 2900. It may be overkill for now but it does allow a good amount of growth for down the road.

reply to HELLFIRE
HELLFIRE

I do like that 3700 series. I worked on a few of those when they first came out when I was in a 2nd level network support position. I dont see the need for a 4500 switch unless growth goes through the roof ex 125-175 + people etc.

As far as the ASA at this time since we are just getting started I am looking for the straight trust/untrust but I am sure that more will come down the road. And after going over the 5505 and 5510 specs again a 5510 size device may be the better bet for growth etc.

As far as a contract goes I am going to be going through a vendor and a smartnet contract will be a MUST.

reply to cramer
Cramer

The plan is to have 1-2 t1s for voip only and a business cable line for the internet access. Dont get me wrong I love a good DS3

reply to skokie
I can't honestly believe that an office of 20 or 50 or even 100 people has any need for the 3750 gigabit switches (45xx? seriously?), unless there are some extremely demanding data transfer needs. Just the Smartnet coverage expense on those over a few years would pay for some very capable HP or even Cisco small biz POE switches that would support a few VLANs and all the capabilities they'd need to get started.

I bought 3550s for some 50-ish user clients back in the day because they were the only POE option for Cisco VOIP, but they've never come close to stressing that architecture. The 3750 is certainly very nice and has its place, but recommending a $5-10K access switch for a small business switch is just irresponsible in my opinion.

If the company explodes in growth there will be plenty of time to load up the rack with expensive gear and build an enterprise-class architecture.

Jester121

I hear what you are saying and I am not against an HP switch at all. Just ideas floating around right now. I have supported cat 4,5, and 6 switches when I was doing support and know they are on the heavy duty side.

The 3550 are a good switch as well and folks were going after them for just their POE option even though it was over kill.

Appreciate the comments.