[c-nsp] ASA or Router?

Kaj Niemi kajtzu at basen.net
Fri Mar 21 16:07:56 EDT 2008


Hi,


The ASA doesn't support DMVPN so if that's a hard requirement at the  
HQ you need to get an IOS box. Should you choose the ASA and if the  
G.SHDSL circuit requires termination (no managed CPE from the  
provider) you would additionally need the 1803 you mentioned or  
another with a WIC. The 1800 series routers will be able to encrypt  
all traffic on the line (and then some). Note that the fixed 1800  
series routers have a maximum of 50 supported IPSec tunnels while the  
non-fixed ones (1841, 1861) have higher.

The IOS box will do most of the things the ASA would - and you haven't  
indicated any ASA specifics - so from a technology management  
standpoint it might be wise to invest into one platform instead of two.


On Mar 21, 2008, at 21:31, Rupert Finnigan wrote:
>


> I've been pondering something over in my head for a while, and can't  
> reach a
> decision and so am interested in what others experiences might be.
>
> I'm currently working on a topology to link a number of retail units
> together back to head-office that'll support VoIP, email (pop3) and  
> EPOS
> related traffic - basically the traffic requirements per store will  
> be very
> low. However, I expect there to eventually be 60-80 stores.
>
> I'm going to put 1801w routers in each store, as they're perfectly  
> taylored
> to the needs of a small-ish Retail location, and run DMVPN to handle  
> the
> spoke to spoke VoIP traffic.. What I'm still trying to decide on is  
> what to
> put at the head-office hub end. I need something to concentrate the  
> VPN
> tunnels, and to terminate a SDSL line and so am thinking either a  
> ASA 5510
> with a 1803 router, or a just a 2800 series router. At present we've  
> got
> something to terminate "road-warrior" clients and so that isn't a
> consideration.
>
> Just interested in various options/comments or any pointers anyone can
> offer..





HTH

Kaj
-- 
Kaj J. Niemi
<kajtzu at basen.net>
+358 45 63 12000





More information about the cisco-nsp mailing list