guy labs guy labs

Cisco ISA550W Review

General, Infrastructure
/by
Some month's ago my cheap Thomson WLAN VOIP router, which I got from my ISP, just stopped working and I needed something stable and secure. I searched a lot, read a lot of reviews until I found the ISA550W from Cisco. It had everything which I needed: Gigabit Ethernet 802.11b/g/n WLAN Integrated security appliance (ISA) And it didn't cost that much (around 360$) like a real business hardware firewall (1000$ +). There is also the greater brother of the ISA550W the ISA 570W, which just has better performance, more ports and throughput than the ISA550W, but for me the throughput was enough. Ok here now the specifications: Firewall Throughput 200 Mbps IPsec VPN Throughput 75 Mbps Anti-virus Throughput 50 Mbps IPS Throughput 60 Mbps UTM Throughput 45 Mbps Maximum Connections 15000 IPsec VPN Site-to-Site Tunnels 25 IPsec Remote Access Tunnels 10 SSL VPN Tunnels 10 Total Interface 7 GE WAN Interface 2 GE LAN Interface 6 GE WLAN (802.11b/g/n) yes DMZ Port Up to four The detailed specs you can get here and the full administration guide here. So I bought it right away and started configuring. First of all I must say that you can configure nearly everything you can imagine. (Especially when you are used to a silly Thomson router admin interface) I didn't had any problems yet with this router, but the only annoying thing is, that the security updates are just valid for one year, and then you need to renew the subscription to get updates for the anti-virus, IPS etc. Today I use the IPsec VPN, anti-virus, IPS and the standard network configs for WLAN, port forwarding etc. which all...

Cisco SG200-08 and NFS

Infrastructure
/by
  Today I want to tell you a little story about the Cisco SG200-08 8 Port switch and mounting a NFS share. I bought a Cisco ISA550W router lately, configured it and I thought it could be a good idea to upgrade the firmware of all switches and other devices I have at home. So I did this too with the SG200-08 switch. I upgraded from 1.0.5.1 to the 1.0.6.2 firmware. Everything went well but the next day I wanted to mount a NFS share from my server and it hanged after executing the mount command. Then the debug journey began... I double checked everything on the new ISA550W but the failure wasn't there. Then I checked the whole NFS configuration and thought it could also be the newly installed bind9 DNS server. After a configuration ping pong between all three devices I started with the process of elimination. I first connected the laptop directly with the server. (No switch and no router) Then it worked. And I did that till I found out that the SG200-08 Cisco switch is causing the problem. The small googling session afterwards told me that the new firmware 1.0.6.2 was causing the problem and a workaround is to downgrade to the 1.0.5.1 firmware. (https://supportforums.cisco.com/thread/2203589) So I did that and tada it worked again. It is quite disappointed of Cisco to release such a broken firmware. Now I hope the ISA550W is doing it's job well  :wink: Maybe this post helps someone out there don't spend hours of debugging like I...