Replace Home Router with Cisco Device

[FONT=&quot]Dear Community, [/FONT]
[FONT=&quot]I'mrelatively new to networking so please go gently on me. I've been wondering ifit's possible to replace the consumer grade router used in our home with aCisco router, one which will allow me to experiment. I'm talking about an allsinging/dancing Industrial spec Router. I'm wondering how if at all possiblethis could be done. At present, we have an ADSL connection and our routerconnects to an RJ-11 cable which is connected to a standard phone socketthrough a filter. Bear in mind I don't know much about different types ofCisco routers and their variations. What would be needed to change over? Wouldour ISP require us to use the device they provided? [/FONT]

Find more posts tagged with

Comments

Priston

You didn't list who your ISP is, who's your ISP? What's your bandwidth? Are you willing to sacrifice any of your bandwidth? How much are you willing to spend? Are you okay with using an end of life / end of support router?

My ISP allows me to use my own modem. They have a list of supported modems and some modems support higher bandwidth then others.

OctalDump

You probably can use your own device for ADSL. ADSL tends to be a bit more flexible. You could get one of the 800 series SoHo devices, like the 857, 877, 887, or the current 897 (maybe 896, but that's annex

. Or you could get any one of several expandable ISRs like the 1841, 2821, 1941 etc and install an ADSL capable card.

If your ISP requires you to use their ADSL modem, then you could still install a Cisco ethernet router (like the 871, 881, 891 etc etc), or most of the 1800, 1900, 2800, 2900 series. You can usually bridge the connection through the modem to the WAN interface on the router, so that all the modem is doing is the actual ADSL part, and everything else is in the router.

Either option means that you can still do netflow, firewall (ACLs), NAT/PAT, routing, VLANs etc etc in the Cisco box.

smartiedude

Sorry the wording wasn't correctly spaced in that first post. I actually have a lot of questions if you’re willing to help me understand a few things. To answer your questions first though, my ISP is TalkTalk, I have a 33 Mbps connection speed which I’m willing to sacrifice, but why does it need to be sacrificed? Money is no object really, but is it really worth buying a brand new one? What’s the difference between that and an end of life one? What issues does this introduce?

My ISP is allowing me to use my own router, yes, and they’ve provided connection settings in order to do so. I have more questions to answer if you’re able to.

OctalDump

The connection speed can be an issue since the actual throughput of the router is usually below its line speed eg a router with 100mbit/s ethernet ports might only do 30mbps, or slower, depending on what services are running. Usually, the more expensive the router, the faster (more throughput) it will achieve. So this is basically then a question of what functions you would want to run, and how much you'd like to spend. Which is sort of the answer to "is it worth buying a brand new one".

It'd take a little bit of research, but my gut feeling is that something like the 2800 series would like be fine for your purposes. It'd be ~$100, and maybe $30-50 for the ADSL card.

The other thing, is if you are using this to study for a certification, you might want to use specific features or use features in a particular way for a particular ios version.

smartiedude

How would I connect to the router securely over the Internet if our public IP address keeps changing? It doesn't make sense is how this would be possible if the ISP dynamically allocates our public address. If this keeps changing, how can it be reliable/static? Any advice?

Also, I've been reading up on our ISP's manual configuration settings which requires a PPPoE connection. Their connection settings specify a VLAN ID and DNS server but there's no Interface IP address to assign. Now, I understand a dialar interface needs to be configured for PPPoE. Am I right in saying that I don't need to configure an IP address then?

Also, how loud is the 2811? I've got some 2950 switches which sound horrendous.

clarson

I think you would be better off not using a cisco router for your home router, but augment your home network with a cisco router that you configure to have internet access via your home router.

1) you get a home router with gigabit ports and wireless. gui to easily configure security, and etc. all for $100. you are not going to get that with cisco equipment for less than $100's.

2) knowledge level if while you are playing around with your cisco router and happen to loose your internet connection, are you knowledgeable enough to fix it without an internet connection.
But, if the cisco router is just another network device in your home. it goes down, you still have an internet connection via your home router.

what i've done is setup my home router. Then connected at cisco router from my lab into the home router. set up the cisco router to dhcp it's interface ip address, nat, etc. set up the routing to propagate a default route, and I can plug my computers into any switch/vlan and get internet connectivity. except when i'm playing around with my lab and mess something up. And, I get to do some troubleshooting to fix it. But, I always have my home router connected to the internet. So, I can google away looking for information.

the 2950 has one fan. the 2811 has 3. how many fans and how fast depends on how hot the equipment is. when cool it is about the same as 2950. when hot and all 3 fans are running you are getting into the sounds like a server range.

OctalDump

Yes, the x800s are loud. The 1841 isn't too bad, but still noisier than your regular modem. The 800s are fanless, I believe, so very quiet. You'd likely want either 880 or 890, though. So might be a bit more expensive. The 800s are all fixed configuration, so once you get the right model, you don't need to buy additional cards.

It is possible to make the WAN interface a DHCP client, with (at a minimum) ip address dhcp in place of (for example) ip address 192.168.2.2 255.255.255.0

Generally, even when these are dynamic, you will keep the same address for a long period of time. If you want to set up outside access, then the usual trick is to set up with a Dynamic DNS service, which will allow you to access your modem on the internet using the same domain name (eg modem.myhome.example.com) which is dynamically updated with the external public IP of your modem.

smartiedude

OctalDump wrote: »

ADSL tends to be a bit more flexible.

What do you mean by this above. As opposed to what exactly?

OctalDump wrote: »

If your ISP requires you to use their ADSL modem, then you could still install a Cisco ethernet router (like the 871, 881, 891 etc etc), or most of the 1800, 1900, 2800, 2900 series. You can usually bridge the connection through the modem to the WAN interface on the router, so that all the modem is doing is the actual ADSL part, and everything else is in the router.

Confused.com. I’m not sure what you mean here. When you say bridge the connection, I’m assuming here you mean simply put the cisco one behind the ISP’s box and link them up. We don’t have a modem, it’s a router/modem integrated box.

OctalDump wrote: »

The connection speed can be an issue since the actual throughput of the router is usually below its line speed eg a router with 100mbit/s ethernet ports might only do 30mbps, or slower, depending on what services are running. Usually, the more expensive the router, the faster (more throughput) it will achieve.

So in a nutshell the better the router I buy, the more services it can handle then and the greater speeds it can achieve?

clarson wrote: »

I think you would be better off not using a cisco router for your home router, but augment your home network with a cisco router that you configure to have internet access via your home router.

1) you get a home router with gigabit ports and wireless. gui to easily configure security, and etc. all for $100. you are not going to get that with cisco equipment for less than $100's.

Yes, I’ve thought of sticking one behind the ISP box instead. I’ve seen second hand 2800’s for 30 GBP = 39.39 USD on ebay.

clarson wrote: »

what i've done is setup my home router. Then connected at cisco router from my lab into the home router. set up the cisco router to dhcp it's interface ip address

In doing this, I am I right in saying you had to make sure to exclude the internal gateway address of the ISP box in your dhcp scope?

OctalDump wrote: »

Generally, even when these are dynamic, you will keep the same address for a long period of time.

This is what I wanted to know a bit more about. I always assumed the public address changed daily. What determines when it will likely change? Router reboot?

clarson

Originally Posted by clarson
what i've done is setup my home router. Then connected at cisco router from my lab into the home router. set up the cisco router to dhcp it's interface ip address

In doing this, I am I right in saying you had to make sure to exclude the internal gateway address of the ISP box in your dhcp scope?

you need to exclude the internal gateway address of the isp box from the dhcp scope on the isp box. That has nothing to do with the cisco router connected to it. I thinking that right now, your computers are getting dhcp addresses from your isp box. you set up the cisco router to get ip address and such via dhcp from your isp box, just like a pc would. Then you use pat on the cisco router to send all your internet traffic from your equipment connected to the cisco router out that interface. Which goes to your isp box, then to the internet. when setting up pat on the interface connected to the isp box (and the network address on that interface which is assigned via dhcp) that is the inside global address. then you setup the local inside addresses. Now, if you wanted to use dhcp on the cisco router. Then as part of setting up dhcp on the cisco router you would exclude some ip address for such things as internal gateway address of the cisco box.

! on interface connected to isp box
interface type id
ip address dhcp
no shut
end

!make sure your interface is up
show ip inter br

! make an access list. you can be more limiting. this allows any address on your inside network. # is just a number 1-99
access-list # permit any

! set up pat. # same number as above same interface as above
ip nat inside source list # interface type id overload

! go to interface connected to isp box
nat outside
! go to your inside interfaces
nat inside

!set your default route to your isp box internal gateway address
ip route 0.0.0.0 0.0.0.0 192.168.22.1

!should have an internet connection
ping 8.8.8.8

! set up your routing. be sure to include the network of the internal gateway above, network 192.168.22.0
! and include default-information originate as appropriate
! set up dhcp etc

none of the above is anything you shouldn't know for the icnd1 exam.

ImYourOnlyDJ

clarson wrote: »

the 2950 has one fan. the 2811 has 3. how many fans and how fast depends on how hot the equipment is. when cool it is about the same as 2950. when hot and all 3 fans are running you are getting into the sounds like a server range.

All of the fans in my equipment at home have somehow been disconnected

. I have an ASA 5510, 2811, and a 3560 that have been running for about a year without fans and are silent

ParDigital

I did this, and I dont feel its that big of a deal. I had a 2821 running on my home connection for nearly 2 years before I replaced it with a PFSense box.
My setup is as follows:
Comcast cable modem ---> 2821 --> Meraki switch
When I first set it up I thought it was daunting, but it really did solidify a lot of points for my CCNA I was studying at the time. The main points to get it working with the home connection:

Set the ISP device to bridge mode
Set the DSL/cable modem facing interface to DHCP
Set a static route for 0.0.0.0/0 to the outgoing interface
Configure a NAT overload statement to port translate internal LAN addresses to the WAN address

I took the device offline so there could be a step or two that I am missing, but this should get you a barebones setup.
Keep in mind that there is hardly any security with this. Be sure to configure fw rules via ACL