Good router brand

[DVOM]

I need suggestions for a good quality router for our office. The Linksys and dlink routers we've tried are to cheap and don't last very long.

TIA

[Byan]

Many people swear by Linksys routers.

but anyways, how bout using a software router instead?
http://www.smoothwall.org/ or http://www.ipcop.org/ are pretty popular linux distro's designed for this purpose

if you don't want to use linux, there are always win32 corparate firewalls, but those are rather expensive. I have used kerio winroute, which got the job done. I believe Sygate also has a solution, and there are many others.

I hope this helps,
Byan

[Tuttle]

If you can afford it, a Cisco 800 series of some description (probably 877 or 877W for DSL, 871 or 871W for Cable) will be solid.

What sort of budget and feature set are you after?

[DVOM]

Thanks for the replies.

Byan, we definitely need a hardware router.

Tuttle, I've checked out the prices on those Cisco routers and that's a possibility.

My real problem is that we've got a "Flowpoint 2200" modem/router gateway from the ISP that isn't set up for DHCP. It's a straight through setup where we use a block of assigned public IP's. It's reliable but it's extremely insecure as all the machines are connected directly to the internet.

The ISP wouldn't or couldn't remedy the situation so I daisy-chained a Linksys router to the gateway. That got me the security I wanted but the daisy chained router/s don't play nice with the gateway and eventually quit working. This problem of compatability was confirmed by the ISP tech support person.

So the most recent consensus is that we need a new ISP.

[Byan]

DVOM: why is that?
alot of hardware routers actually just run linux with a software router on them, which would include linksys. That's why most hackerish type people like those router's because they can put different versions of the firmware on there where they can use the router as more then just a router.

and not many corp. use hardware firewalls, least not the ones I've seen. I know my grandfathers company has there T1 routed using a server running redhat.

[Tuttle]

And what about when the Linux box's hard drive dies? Having no moving parts is a nice thing.

We use a Cisco 2611XM as our border router, but about a dozen satellite offices have 800s of various descriptions. They'll do all the basics -- NAT, just firewalling a set of public IPs before passing them through, internal DHCP server, site-to-site IPsec VPN etc. Cisco IOS is a pain to pick up if you've never used it before, but apparently the 800 series come with a web interface too.

So the most recent consensus is that we need a new ISP.

Sounds like a good conclusion if they're forcing you to use broken equipment.

[Byan]

thats what RAID is for..

[dlymor]

I don't know the size of your business, but if you plan on growing beyond those few dedicated IP's, definitely go with a corporate class router. I, too, say stick to the Cisco stuff, if for nothing else than compatability. It will give you the security you want, to any granularity you want, and do the DHCP that you probably would rather have, especially if your business is growing headcount steadily. Nothing is more time wasteful, *to me*, than hunkering over a spreadsheet giving out IP's. And if there is more than one person doing system setups at your place, DHCP is almost a necessity, because sooner or later, and always at the wrong time, you will change/set an IP that the other person used and then have all kinds of havoc on the phone. hehe

On top of it all, I would agree with you: in addition, get a new ISP. I mean, come on, they can't give you a router/switch with DHCP in it?

As for the all-in-one device (router, switch, firewall), I'm a big proponent of keeping them separate. Call it old school lan management. I like one box to do one thing. hehe I would say, though, that you probably want to keep the firewall separate from the router/switch. The last thing you want is to nosedive your banking or credit bureau links just to make a quick change to the firewall. BUT THAT IS ME!!! If your shop is small enough, then an all-in-one makes sense.

I'm not going to go into the which brand to go with, but I will say that we've gone with Cisco and haven't regretted it. We paid a consultant to come out and spend 2 days on the intial setup and bringing 2 people up to speed on the Cisco IOS. After that, it was book learning, web help and Google-smoogle! Thankfully, those guys are great and we haven't regretted the money spent. Just take your time and review customer references AND installations (if possible) when you are choosing one. You don't want to get someone who works for Fortune 50 clients if you are only a 5 person shop. Likewise, you want to talk to at least two prior clients, on their turf, and find out how they REALLY feel about the process.

[teddyr]

I would say stay with the cisco models... {I have used both Cisco and the Sonicwall products among others... Go with cisco or Sonicwall}

If what they have is a DSL unit in "Bridge Mode", then a Cisco 2600 or 800 would probably do the trick as a router.

The 2600 may be overkill for now, but if you plan on upgrading or for a modular design that would allow changing of hardware features (example.. switch to a T1 wic, etc) then the 2600 would be a better choice.

Although the routers have basic firewalling, you may also want to look at the 501 PIX firewall for the firewall/VPN capability if you have a small office.. [5-100 users]...

The PIX may be a little more complicated to setup than the consumer off-the-shelf devices..... {be sure to get the right license for the number of users you have} but remember it runs the same OS/software as the "big boy" PIX 515 corporate devices.

If what the ISP has is actually a DSL box with "NONAT" or "Fully Routed" mode then all that is needed might be the firewall itself (PIX) since that means that the device provided by the ISP IS already a router, just providing you with a public subnet... The 501 can act as a VPN endpoint for the cisco vpn client, a VPN endpoint for site to site vpn links, a dhcp server for the local subnet. Sincei it is a "true firewall", it has both NAT and PAT capability.. {hint... most off-the-shelf "firewall"/"Router" devices only do PAT...}

[DVOM]

Thanks for the input. Where would be a good online store for Cisco products? They're not available from the usual vendors such as Newegg or zipzoomfly.