i am looking for a few suggestion in buying a router. my company currently has 30 employees but we are looking to expand to over 60 wihtin a year. Currently we have a Cisco PIX 501 as the firewall which is also doing the routing. behind the pix is 2 cisco catalyst 2950 switches. i am looking for suggestions for a router i can put in between the firewall and switches. i want to take the necessary steps now before we grow to get the routing off the firewall and onto a router so the firewall can do what it does best.
The more normal approach would be
but that all depends on what you're actually doing with your network.
What internet/WAN connections do you have? What routing do you want to achieve? And do you/will you need any additional facilities like remote VPN access?
Re: Looking for router suggestions
12 years 3 weeks ago #15304
ok, we have a Single T1 into the building. I am not sure what you mean by "what routing do you want to achieve?" and yes, we already have 1 remote location connecting to the network via IPSEC/L2TP VPN. We plan on expanding to a t least 3 more locations.
as much i know ... we cant connect our outside world directly to a switch.... Switches can't connect a Wide area Netwrok and a LAN.. Router is made to solve this problem... ideal condition is wat bishop said..
ur ISP -> Router -> Firewall -> Switches
Okay, your shopping list is coming together here.
You'll need a router with the appropriate interfaces for your T1, plus at least one Ethernet port for connection on to your PIX. I'd also advise you choose a router with at least one more slot available for expansion; for example you might want to add a second T1 or perhaps an ISDN or ADSL backup in the future so leave provision for it now. Your next decision is whether to go for a router that will handle your incoming VPN itself or alternatively to let that traffic simply pass through the router and let your PIX handle it. You could do either here, there's no right or wrong choice but my instinct would be to leave it with the PIX since it's already working and you don't have to reinvent the wheel.
In terms of what you'll be looking to do, you want to set up basically the routing that you now have on your PIX, but you might want to add in some access control lists to pre-filter unwanted traffic before it even gets to your firewall.
And finally since you are already familiar with Cisco kit then it's got to be a Cisco router. Have a look on their website and check the features list to find the device that sounds right for you