|
to chugger93
Re: [Info] Cisco Router Recommendation Homesaid by chugger93:Which begs the other question. Should I put an 1841 in front of the as taro firewall or behind it. Sure..I'm introducing an extra hop into my outbound internet connection...but it'll be good to learn since I'm a sys/net admin anyways. Do you want to learn Cisco AND have it as your edge device? Or do you just want to learn Cisco? If you don't want to remove the Astaro or lose any of its functionality or disrupt your internet everytime you have to do something to the 1841 -- ie. reload, etc. -- put the 1841 as an inside host to play around with. As stated, transparent mode for the Astaro is also a viable option in this case. I also set a requirement to have a "show version" present when looking at an ebay item, just from a check sanity POV. Regards |
|
tubbynetreminds me of the danse russe MVM join:2008-01-16 Gilbert, AZ |
to TomS_
said by TomS_:ISR G1 will run IOS 15, and without any of the silly license restrictions that the ISR G2 series will have, so youre only missing out on the latest hardware. my 2821 tops out at 15.1m. not a huge loss, but i cant do 15.2+ q. |
|
|
to HELLFIRE
What exactly does the show version show? Firmware version? Can't you just flash the latest firmware anyways?
Yes, just learn it, so putting as inside host seems like a better option eh.... |
|
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
Show ver shows several things Rommon version IOS version and feature set config-register memory amount flash size and some more
and no unless you have an active smartnet contract you can't legally download a newer IOS or rommon
so a Sh ver in the listing tells you more about what you're buying because if buying on ebay you are likely not going to have an active smartnet contract so you'll be stuck with whichever IOS it comes with
so basically if you were a business you'd buy smartnet with atleast one of your cisco devices and then you could download the latest IOS and other software for it as long as you keep it current.
in fact you could buy say a 3850X switch with lan base software (if they even sell that model with just a lowend feature set) then login to cisco.com with a cco login and download the latest IPadvServ IOS for it
of course that's assuming they haven't added some other restrictions since the last time I had access to smartnet. |
|
|
Ahh I see. Well, it's already on the way shipping wise. Shame on me I guess. I will post it here once I receive it. Good to know.
Worse case scenario, I guess I can always relist it on ebay. |
|
|
to DarkLogix
said by DarkLogix:Show ver shows several things Rommon version IOS version and feature set config-register memory amount flash size and some more One of the most important factor in today's setup is that the show version command show installed license. When you only deal with universal image, you can only get bug fixes or basic feature advancement with image upgrade and not unlock advanced feature until you apply appropriate license |
|
|
to chugger93
said by chugger93:What exactly does the show version show? Why I always look for a show ver in a sales listing is to make sure the seller knows a) what they're selling, and b) as a sanity check of what they're offering. I've seen one or two "show vers" that SERIOUSLY made me question what is being listed -- ie. hardware not matching up with what's listed. I make a personal point that if the "show ver" is not available, or looks sketchy, to take my business elsewhere. My 00000010bits Regards |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
to aryoba
said by aryoba:said by DarkLogix:Show ver shows several things Rommon version IOS version and feature set config-register memory amount flash size and some more One of the most important factor in today's setup is that the show version command show installed license. When you only deal with universal image, you can only get bug fixes or basic feature advancement with image upgrade and not unlock advanced feature until you apply appropriate license Thought that part was only true with IOS 15 not 12. |
|
1 edit |
aryoba
MVM
2013-Dec-10 10:36 am
For routers, maybe; but not for switches When you work with newer line of routers and switches (i.e. 881 router or 3560X switch), they come with universal IOS image version 12.x; which is obviously not IOS version 15.x. Until you apply certain license (i.e. Advanced Security or Advanced Services for routers; and IP Services for switches); you only end up with basic IOS features. And no, there is no other flavor of IOS image version 12.x for these newer line of products |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX 1 edit |
DarkLogix
Premium Member
2013-Dec-10 10:43 am
And what about if its not a "universal" image but say a advIPserv image?
was there a given version within 12.x that this new model kicked in?
last I looked there was still non universal images, though I can only see not download.
ok I see the 881 onyl has the uni, thought you ment the whole x8xx line |
|
|
aryoba
MVM
2013-Dec-10 11:08 am
This uni-versus-non-uni issue has been making me loving towards Juniper product even more where with basic license you already have advanced features. Having a firewall like SRX with OSPF, BGP, VRF, MPLS, VPLS features by default is something never be in Cisco lines |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
DarkLogix
Premium Member
2013-Dec-10 11:30 am
It can be if like VMware they see the errors of their way (think esxi 5.0 then 5.1 licensing reversal)
but um don't hold your breath I would assume would apply.
I wish our juniper junk would be doing OSPF (heck rip would be a step up and you know I hate RIP)
LOL a global multi-company organization that uses only static routing (yep that's what I'm stuck with) |
|
|
aryoba
MVM
2013-Dec-10 11:57 am
Actually there are many global companies still heavily rely on static routes even though there are BGP on their MPLS cloud. Some of them are moving towards dynamic routing protocol once they decide to have redundancy. |
|
aryoba |
to DarkLogix
OSPF, RIP, or any routing protocol are great solutions when they are carefully architect-ed and implemented. There is a major global company that only implement either static routes or RIP to peer with business partners (B2B), and it has been working fine for years. |
|
|
Hey everyone, I got my 1841! Here is the show version. Please let me know what you think Router>show version Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.4(1c), RELEASE SOFTWARE (fc1) Technical Support: » www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc. Compiled Tue 25-Oct-05 17:10 by evmiller ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1) Router uptime is 2 minutes System returned to ROM by power-on System image file is "flash:c1841-ipbase-mz.124-1c.bin" Cisco 1841 (revision 7.0) with 114688K/16384K bytes of memory. Processor board ID FTX1224W08D 2 FastEthernet interfaces 1 Serial interface WIC with 56k 4-wire CSU/DSU DRAM configuration is 64 bits wide with parity disabled. 191K bytes of NVRAM. 31360K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102 Router> |
|
|
to chugger93
Least it powers... that's good news. "flash:c1841-ipbase-mz.124-1c.bin"
For a lab environment, above should be good enough, but if you want to get more advanced -- VPN, firewall, etc. -- the IPBase is going to hold you back majorly. Like I said, look into a larger CF card for it, and any cheap PC133 SODIMM RAM if you can... IIRC, 1841 will go up to 384MB of RAM. What's "show inventory" display? Otherwise happy learning! Regards |
|
|
Agreed. I picked up some 256Mb SODIMMs on Ebay for about 10 bucks each to add to the 128 on board. This maxes out the 1841 RAM. 64Mb compact flash are also reasonably cheap. All you need then is a friend with an 1841 AdvServices (or similar) IOS that you can "borrow" for "testing and evaluation purposes"... |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX 1 edit |
to aryoba
said by aryoba:OSPF, RIP, or any routing protocol are great solutions when they are carefully architect-ed and implemented. There is a major global company that only implement either static routes or RIP to peer with business partners (B2B), and it has been working fine for years. Ya static routing "can" be "ok" but has more admin overhead to maintain and each additional site adds exponentially more routes to maintain redundancy (well unless a hub and spoke with a central site that can kill the whole thing) And then adding link-state behavior to static routes is kinda like building your own half-arsed routing protocol so ya it can be ok and can work just fine for years but it has scaling issues. IMO when a 3rd site comes into existence its time to redo things to plan to scale as the number of static routes to maintain redundancy goes up alot at 3 sites connected in a mesh. |
|
DarkLogix |
to markysharkey
said by markysharkey:64Mb compact flash are also reasonably cheap. Due to a Seller shipping the wrong CF with a MB recently I have a spare 64mb cisco branded CF card |
|
|
God I feel way in over my head. Im not entirely sure what some of you are talking about. I've worked with a Cisco 1700 about 8 years back but that was the last time. I dabbled a little last night using the serial cable and doing a show running-config to see what it all looks like. Does the 1841 do vlans too? What sorta firewall, etc does it do?
I guess I'm looking for the best place to get some documentation, etc (google?)
I want to start off by configuring one interface (the one that connects to my Astaro firewall) and then the other interface (which would go to my switches)
Internet(comcast) --> Astaro Firewall --> Cisco 1841 --> 24 port layer 2 linksys switch
One day I will get a Cisco layer 3 switch but for now..I'm focusing on the router. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
DarkLogix
Premium Member
2013-Dec-12 12:13 pm
With a L2 manages switch you could do sub-interfaces and then have multiple vlans on the switch with the router routing them
You could also get a 4port switch HWIC and then you could do vlans on the router.
to do sub-interfaces you do the following conf t int fa 0/1 (assuming its 0/1 pointing to the switch) no ip address int fa 0/1.1 encap dot1q (ok check the syntax its been awhile and you need to set the vlan number in this command)
then keep going for any sub-interfaces you want with fa 0/1.x (its common for x=vlan number but it doesn't set it the encap part does that) |
|
|
I see. So as far as IOS is concerned, I can't upgrade because I probably don't have an agreement. Sux, hopefully this version isn't buggy.
I will fire up a new thread later or something when I'm ready and need help on anything with configuration. For now, I have to read as much as I can. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
Well just googled 1841 and it doesn't look to bad though I'd think about it hard as to if you want to spend the money. » www.cdw.com/shop/product ··· 956.aspxI'd contact a sales rep before buying though. also I'd go ahead and create a CCO login though it won't let you download anything till a contract is attached. |
|
|
Darklogix: one last thing. If i put the Cisco behind the astaro...i still want to use the astaro to route all traffic out to the internet. I still (for the time being) want it to do my nat translations, etc. Feasable? |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
well then you would have it not in transparent mode then
you could start with the cisco just routing data, give it a route of last resort of the astaro then let the astaro do nat for now. |
|
|
Right... basically I didnt want the Cisco at the perimeter because I didnt want a new IP given to me etc. So I basically was thinking to plug the 2nd ethernet card from the astaro into the cisco. Then the Cisco into my switches.
So I guess from my persective anyways, I would just need to configure the two interfaces, and then provide a default route to the Astaro. ip route 0.0.0.0 0.0.0.0 --> Astaro IP (gateway)
Thanks man for all the help |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
Ya that should get you started |
|
|
to chugger93
said by chugger93:Right... basically I didnt want the Cisco at the perimeter because I didnt want a new IP given to me etc. If your ISP will be assigning you a different IP address just because you swapped out devices (different MAC address), then you can implement MAC cloning; assigning the existing Astro MAC address into the 1841 router, to keep the same IP address. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
Yes he can do that, I'd suggest though to do that later and wait till he has the routing part done before having the 1841 do more. |
|
|
mac cloning? No kidding? Nice.... |
|