Replacing RV082 with CISCO??

Discussion in 'Other Cisco Equipment' started by SmallOffice, May 19, 2008.

  1. SmallOffice

    SmallOffice Network Guru Member

    We are looking to replace our RV082 router for our small business. We are looking for a router that almost never needs to be rebooted. When it does need to be rebooted (from a crash), it can be done remotely.

    We are considering going with a CISCO product like the CISCO ASA5505-BUN-K9. Our needs are as follows:

    1) Dual WAN (load balancing)
    2) VPN-VPN gateway connection (between two of these routers)
    3) Remote SSL VPN client connections
    4) Remote IPSec client connections
    5) Binding services like HTTPS, FTP, ... to one WAN connection
    6) Binding by internal IP addresses to one WAN connection
    7) Up to 10 internal clients

    The RV082 has most of this functionality, but has become too unreliable.

    We understand that this CISCO unit has several 'wizards' that would help us set-up the correct configuration. We also understand that this forum has some useful sample code. If required, what would it cost for us to hire someone to configure these routers correctly?

    Of course given the expense of these routers and their complexity, we are hesitant to go down this path. If any one can provide us with some hands on advice, it would be very much appreciated.

    We have been also considering the NETGEAR FVS336G, however, the online reviews seem somewhat mixed. We are looking for a very reliable solution.

  2. Toxic

    Toxic Administrator Staff Member

    for a Dual Wan Cisco you could go with either a 1800 series router or you would need buy the ASA5505 with the Security License. ASA5505-SEC-BUN-K9 though the 5505 does not support load balancing.
  3. SmallOffice

    SmallOffice Network Guru Member

    We appreciate your helpful reply.

    So it appears that the ASA5505-SEC-BUN-K9 goes for about $1k or the CISCO1811/K9 goes for about $730 @ NewEgg.

    Any top-level thoughts on these two models? Which is easier to program? Which has better long-term flexibility?

  4. ifican

    ifican Network Guru Member

    Quite frankly there both great devices but are quite specialized. You need to ask yourself what you will need longterm. The 1800 is a router and the ASA is a firewall at heart. The ASA will at a cost give you ssl vpn flexibility where the 1800 only allows 1 or 2 ssl vpn connections. The 1800 does offer firewall code but is not as robust as an ASA. To be honest i love both devices but would not put both in the same situation as they are not equal by any means. Another option you may not have considered and will save you a couple hundred at least would be the cisco 800 series. The 851 or 871, the 871 has hardware vpn support where the 851 does not. It is also a great router with firewall code but is definitely not in the same class as the 1800 though again depending on your need may not even be noticed. So you will need to decide what your long term needs are and then you can make the best choice from there.


    Side note, the 800 series is not going to easily give you dual wan support either so if that is a 100% necessity you will have less options. You might also consider the checkpoint safe@office 500 or 500w. Will be about the same price as the ASA, perhaps a little cheaper, will give you dual wan support with the upgraded license and is quite an awesome little device as well. It is 100% gui driven so it quite easy to configure and with their latest code release adds alot of features.
  5. SmallOffice

    SmallOffice Network Guru Member

    We appreciate the insightful response.

    Since almost any good switch would meet our small office needs, we would prefer a robust firewall solution. We are basically looking for a solution that is extremely reliable for making external vpn connections. The RV082 met most of our needs. It just has not been reliable. So our thinking is to go with the ASA5505. We certainly want to avoid investing in another unreliable solution.

    We use the Dual WAN to improve the reliability. Even when one WAN/ISP goes down, the LAN stays connected. It would be helpful for the CISCO device to monitor the 'actual' transfer rate of each WAN/ISP on a semi-real time basis and make load-balancing adjustments accordingly. Can this be done? The RV082 performs some basic monitoring, but it would be helpful to go one step further.

    We plan to team up this device with a Linksys SLM2008 8-port 10/100/1000 Gigabit Smart Switch to improve the LAN speed. Makes sense?

    Finally, how difficult would this device be to program? Should we try to do this ourselves? Are there folks out there that a small business can hire to do the initial set-up? Costs? (I am going to ping one of my computer/networking consultant friends and ask him as well.)

    BTW, we looked at the checkpoint safe@office products. Thanks for the tip. We have no knowledge of the reliability of these solutions. Perhaps it is safer to go with CISCO.

  6. SmallOffice

    SmallOffice Network Guru Member

    One point of clarification....

    The ASA5505-SEC-BUN-K9 does not offer load balancing?

  7. Toxic

    Toxic Administrator Staff Member

    Very good sense. the ASA5505 on e0/5 and e0/6 support PoE and the SLM2008 port1 can be powered by PoE :)

    Setup of the ASA is I think easier that a full blow Cisco IOS device, since the ASDM for the ASA is much easier to navigate and control than the SDM of any Cisco IOS Router.

    Also any probs you can post them on the Cisco forum here for our resident "Cisco Guru" eric_stewart.
  8. ifican

    ifican Network Guru Member

    Do not discard the safe@office if it meets your needs. It is very reliable and has an excellent support model. Depending on what services you need it is an all in one device. Can do alot more than the ASA, dont get me wrong i love the ASA and we have 5580's we are at this very moment testing at work (20 gig throughput). I Have been running a safe@office at home now for about 2 years and have nothing but good things to say about sofaware. As long as you pay for minimal support, can get it for as low as 149 a year, you get update and overnight shipping if it ever goes bad. I can attest to this because i picked up this one used but under warranty. It died on me after a hard reset, i called it in and 36 hours later (i had one at my door with a prepaid rma label). Checkpoint can get pricey if you want all the features it has, antivirus, active spam filter, web filtering etc.

    I can tell you that just about any product from an enterprise class vendor will do all that it says and the reliability should be solid. I own more devices then i care to admit but i will share this much, i have used, own or still use products from all major vendor and am quite happy with them all. Right now my network is protected by a safe@office 500w and i could not be more pleased. If you have any other question about anything directly feel free to PM me. If you have basic questions along the same lines please post here so others can see.
  9. SmallOffice

    SmallOffice Network Guru Member


    We sent e-mails to both Checkpoint and SonicWall with business requirements asking for a product recommendation.

    We'll let you know how they respond.

  10. SmallOffice

    SmallOffice Network Guru Member

    Just wanted to give a quick update to the board...

    We have a few unexpected results.

    We were not able to locate anyone locally to set-up a potential CISCO configuration. We made a few inquiries with 'networking' folks who assist small businesses and those folks recommended non-CISCO solutions. In particular, SONICWALL came up as a recommendation several times.

    We had a very helpful exchange with the sales team at SONICWALL. They answered all of our business requirements and follow-up questions in great depth. They recommended purchasing the bare TZ 190 router with a support add-on package. Depending on the details, this should cost about $600. The only requirement that was not met was SSL VPN which they project being available in a support upgrade later this year.

    Although the Checkpoint product is extremely powerful for it price, according to the reply from sales it was lacking in our specific business requirements. In particular, their product does not seem to be compatible with popular dynamic domain services. (They do offer their own service.) Furthermore, their gateway-gateway vpn links seem to be limited when using dual wan. We did not follow up with support to further understand these limitations partially because they did not send us the phone number of someone to discuss these issues. Overall, we felt that their products were too similar in features to the RV082 that we are looking to replace.

    Consequently, we are looking for more feedback on the SONICWALL products and if good plan to go down that path.

    Thanks for all of your help.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice