QoS thru VPN in one box w/o the Cisco Price tag?

Discussion in 'Networking & Security' started by Nate7311, May 26, 2006.

  1. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    I'm looking to introduce QoS on my VPN WAN without necessarilly stepping up to the Cisco pricetag yet. Because, for me It'll be the cost of product AND configuration time, as my Cisco CLI knowledge has slipped more than a bit in recent years.

    At present, I'm using a PIX506E as the hub for and IPSEC WAN ending with 11 Linksys BEFVP41's. Works like a champ, but I'm planning on rolling out a VOIP solution in the main office and out to my 11 remotes and I'm betting that the QoS will be an issue. Anyone know of a box that'll do it all?

    And before it's suggested, I'm NOT going to put a M0n0Wall/IPCop/etc at every location. :D

    Edit: I'm also aware that the Pix506E's don't support QoS as well, I've already got a plan for that.
     
  2. Blitzrommel

    Blitzrommel 2[H]4U

    Messages:
    2,659
    Joined:
    Sep 26, 2001
    Hehe, I was just going to comment on that.
     
  3. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    Unfortunately, the Locations are Convenience Stores. and poorly designed ones for networking at that. i.e. very little room for an additional PC.
     
  4. MorfiusX

    MorfiusX 2[H]4U

    Messages:
    3,007
    Joined:
    Feb 13, 2004
    What type of the price range are you looking at? The newer ISR routers start at well under $1000.
     
  5. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    LOL, here I am asking for product reccomendations, without specifiying a budget... D'OH!

    Anyway, at this poing I'd like to stay under $500 ea.

    But then again, I could get into a M0n0Wall on a WRAPS platform for that too...

    Has anyone done VOIP over VPN on a M0n0Wall yet?
     
  6. moetop

    moetop [H]ard|Gawd

    Messages:
    1,476
    Joined:
    Apr 8, 2004
    Does anyone else sell a Appliance type box that has more horespower than WRAP. 266 Mhz and 128 MB seems a little light depending on how many VPN's and the type of traffic you are pushing.

    You could also get something from http://www.cappuccinopc.com/ that is under $500 and has more horsepower..
     
  7. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
  8. JTY

    JTY 2[H]4U

    Messages:
    2,291
    Joined:
    Aug 4, 2002
    Perhaps the Cisco 800 series would do the trick. The 851 supports QoS, and VPN, not sure if you can QoS on the VPN though.
     
  9. MorfiusX

    MorfiusX 2[H]4U

    Messages:
    3,007
    Joined:
    Feb 13, 2004
    Depending on how much is willing to be spent, this is the route I would go.
     
  10. moetop

    moetop [H]ard|Gawd

    Messages:
    1,476
    Joined:
    Apr 8, 2004
  11. Arch

    Arch Gawd

    Messages:
    822
    Joined:
    Mar 9, 2000
    Not sure if the 851 can do it, but the 871 can definately do it. Requires the Advanced IP Services feature set. I have one of these at my house, very nice box. I think the retail for the 871 is $699.
     
  12. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
  13. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    If I remembered more of my Cisco CLI, then this is definitely the route I'd go. But I don't so I need to budget in for Configuration labor too... Unless some generous soul wants to fly here and tweak them for free :D
     
  14. MorfiusX

    MorfiusX 2[H]4U

    Messages:
    3,007
    Joined:
    Feb 13, 2004
    The web configuration of the new ISR routers is very nice. They have made huge improvements. You can configure everything from a GUI.
     
  15. Arch

    Arch Gawd

    Messages:
    822
    Joined:
    Mar 9, 2000
    This is true, Cisco SDM 2.3.1 allows you to do pretty much everything from a GUI interface. I prefer to use it to show me what CLIs it would configure and then I get into the router and do it myself. For things like QoS I find that it generates more than I need, the same for firewalls.
     
  16. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    Nobody's played with anything made by Patton before?
     
  17. moetop

    moetop [H]ard|Gawd

    Messages:
    1,476
    Joined:
    Apr 8, 2004
    No, but I may be soon considering the price and features! DAM.

    I keep doing a double take on the specs and price..

    A rip from their site as well as the Demo link for the box.

    Up to 2 FXS ports connect to your standard telephone or PBX.
    QoS Guaranteed Voice & Data--Quality of Service ensures voice traffic gets priority without shutting down your Ethernet LAN.
    Firewall, NAT, DHCP, PPPoE--Connect to any broadband access provider, serve the whole network, and secure your data. User configurable IP services ensure every host is connected to the LAN.
    IPSEC VPN, Encryption, & VLAN--Connect your telephone for IP access and secure your voice with IPSEC. Choose DES/3DES for encryption and IKE/manual key negotiation. VLAN tagging/stripping allows interfacing into your existing network today.
    SIP Signaling--Deploy into any multimedia, interactive, or softswitch network with the leading call and session signaling protocols.
    Toll Quality CODECs & T.38 Fax--Uses standard G.711 or G.726 CODECs for toll-quality voice, or G.723 or G.729 for low-bandwidth applications.
    HTTP/SNMP manageable from any location.

    Great find Nate!

    I wonder if I am going to add this to my list of all time greats.

    $120 PCchips dual slot1 Motherboard. PCchips is not the greatest name, but this motherboard worked great and was over 1/2 the price as the next closest for the features.

    $60 WRT54g indisputable as a great value for it's features with aftermarket firmware. Bought 6

    $120 netgear fvs318 VPN router. Very cheap for it's time.

    $1 4 way screwdriver from Harbor freight. Bought 10 now I can allways find a screwdriver with the right tip.

    $20 Chieftec dragon and or matrix case. Bought 6

    $150 1024 x 786 1200 lumens LCD projector (university property disposition.) Bought 3

    Is it worth the risk to find out if it is the next great one.. :) realy I need 2 to test with.. HMMM
     
  18. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    That's what I said... I was reading over the specs, thinking good god, this is going to be big money. then found it at $150... w00t! As long as it works, then it could be the greatest thing since sliced bread! I also found quite a bit about the company and their VOIP products out on the net, evidently MANY smaller ISP's issue the Patton stuff, so at least it's got a record out there too.


    hehe, you buy one and I'll buy one and we'll test that way.
     
  19. moetop

    moetop [H]ard|Gawd

    Messages:
    1,476
    Joined:
    Apr 8, 2004
    Do you want to?? Seriously!

    I have a dedicated Asterisk box, so we can mess around with the sip stuff as well.
     
  20. Nate7311

    Nate7311 2[H]4U

    Messages:
    3,312
    Joined:
    Jan 11, 2001
    I already would have one on order, but I bought my 1st house recently and my CC company can't get my billing address straight...

    But yeah, I plan on ordering one today. and if you've got the asterisk server already set, then we're good to go. Mine's not a dedicated box yet, just A@H running inside of VMWare.
     
  21. moetop

    moetop [H]ard|Gawd

    Messages:
    1,476
    Joined:
    Apr 8, 2004
    Mine is on it's way. Dont feel pressured. There is a project I am working on that I can apply this to no matter what.