Options
Home Network overkill?
So I just put a offer on eBay for a Cisco 3725 router with an AIM-VPN/EPII-Plus. I figured this way I can VPN home, practice Cisco configuring, plus have some better security for my house. I know the router is EOL but the functionality and being able to get some practice on a higher end router is a plus to me. Thoughts?
CCNP :study:
Comments
-
OptionsHyper-Me Banned Posts: 2,059If you wanna do it, do it.
I think using enterprise level stuff in your home solely for the idea of protection is overkill and silly, but if you are trying to learn the stuff as well then its worthwhile. -
Optionstiersten Member Posts: 4,505The 3725 won't give you any more security over a decent generic home router. I'm not sure whether it supports the IDS features or not but if you do enable it then expect throughput to drop like a stone.
If you want to run CBAC/IPS on a router then you'll need something like a highend 2800 to even come close to handling the average home broadband internet connection. Otherwise you'll have to do the multiple box router and get an ASA and one of the IPS boxes. The cheaper route would be to get Untangle running on a spare PC somewhere. -
Optionskeenon Member Posts: 1,922 ■■■■□□□□□□there is no overkill if you trying to learn something. if anything the router can go in your labBecome the stainless steel sharp knife in a drawer full of rusty spoons
-
OptionsStotic Member Posts: 248save yourself the trouble and just use hamachi vpn with a cheap router
-
Optionsfly351 Member Posts: 360The 3725 won't give you any more security over a decent generic home router. I'm not sure whether it supports the IDS features or not but if you do enable it then expect throughput to drop like a stone.
Yes the 3725 does support IDS. I did manage to find the throughput using a IDS NM, seems like its plenty for my home connection.
NM-CIDS-K9 Throughput: up to 45 Mbps in the Cisco 3700 SeriesCCNP :study: -
Optionsfly351 Member Posts: 360save yourself the trouble and just use hamachi vpn with a cheap router
That really doesn't help me learn Cisco though... takes away 1 of my 2 reasons for this setup.CCNP :study: -
Optionstiersten Member Posts: 4,505Yes the 3725 does support IDS. I did manage to find the throughput using a IDS NM, seems like its plenty for my home connection.
NM-CIDS-K9 Throughput: up to 45 Mbps in the Cisco 3700 Series
A 3725 is rated for 120KPPS/61.4Mbps but that is with nothing at all enabled like CBAC or IPS. The rule of thumb is that you halve the rated throughput for every feature you enable.
I use an 1841 as my router and it is rated for 75KPPS/38.40Mbps and if I enable everything then the throughput drops to around 3Mbps and CPU utilisation is extremely high. Cisco only rate it to handle a single T1/E1 with everything enabled. -
Optionsfly351 Member Posts: 360Yeah but you don't have a IDS NM :P They're generally not cheap on the secondhand market.
So I could run an IDS as part of the IOS without the hardware?
See why I need experience?CCNP :study: -
Optionstiersten Member Posts: 4,505So I could run an IDS as part of the IOS without the hardware?
-
OptionsAldur Member Posts: 1,460I think that this is a great idea for learning purposes. I bought a Juniper SRX210 for my home lab and then hooked it up to my internet connection. I ended up running into to problems like not receiving DHCP replies on an interface, or having wanted traffic blocked by the firewall.
Was spending about 1k for a home internet router overkill? Absolutely! Was it worth it to actually run into and troubleshoot some real world problems? Definitely!
Sure I could have just left this router/firewall in my lab and ran my connection through my 2wire router that my ISP provided but I've learned more from putting it in my 'production network' then I ever could have leaving it in my lab."Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."
-Bender -
Optionstiersten Member Posts: 4,505Was spending about 1k for a home internet router overkill? Absolutely! Was it worth it to actually run into and troubleshoot some real world problems? Definitely!
-
Optionskeenon Member Posts: 1,922 ■■■■□□□□□□exactly, a good learning experience is at hand.Become the stainless steel sharp knife in a drawer full of rusty spoons
-
Optionsfly351 Member Posts: 360Thanks for the help everyone. Once I get it in and configured I will check the throughput over my 16mb connection and post the results.
As far as the NM-CIDS... I will decide on that later.CCNP :study: