Switches

[coolVariable]

The small company I work for is going to move in the near future and I was charged with looking into which network gear and other stuff we should buy.

Here is our current setup:

DSL => Netopia Cayman 3500 Gateway => SonicWall SOHO TZW Router / Firewall => Netgear Fast Ethernet Switch FS116

LaCie File Server for the LAN (500GB and expandable)
3 network printers (color laster, b/w laser and copier/scanner/printer)





The new setup should probably allow for the following:

- Up to 30 simultaneous computers/devices
- Probably up to 30 ethernet plugs (in the walls) although not all of them need to be active and I want at least 10 IP addresses to be available for wireless users
- automatic system refresh so the IP becomes available again after a guest computer leaves (the stupid current system does not do this, so at least once per week we have to restart the router to clear the 10 available nodes).
- Gigabit ethernet
- a/b/g wifi ... I think it is too early for n, isn't it?
- ability to dial into the server remotely via VPN to access the files ... should be secure but use PPTP protocol or whatever is built into WinXP or the Cisco VPN ... DEFINITELY NO ADDITIONAL 3RD PARTY VPN SOFTWARE


What would you recommend?
Anything else I should think about or get?

 

[owensdj]

Your existing router shouldn't be running out of IP addresses. You need to make the IP address range bigger if possible and reduce the lease time so unused IP addresses go back into the pool sooner. The more frequently guests come and go the shorter the lease time.

 

[coolVariable]

It is not running out of IP addresses.
IP addresses, 30 are available and the lease time is set to 12 hours.

This @Q#$@#$%#$ router only allows 10 "nodes" which apparently equals computers (not printers) leasing IP addresses.
And it doesn't refresh its list of nodes every 12 hours.

Regardless, I want gigabit ethernet and a better router/firewall. I guess this will also mean buying a new switch?

Any suggestions.
Anything else that we might want to get?

 

[coolVariable]

Up

 

[ViviTheMage]

patch panels!!

 

[mleonard]

I've recently helped a small buisness I worked for upgrade their network and it is substantially more stable now. I prefer Linksys Buisness Souloutions overall because they are owned by Cisco, seem pretty stable, and have descent pricing.

If your SonicWall Router/Firewall only gives you 10 IP's you should deffinatly get a new router. Consider getting several network devices for each individual part of the network, instead of spending alot of money on one device that does everything. A good 10/100 8 port VPN router like the Linksys RV082 would work well at the head of your network. It has your DHCP, VPN passthrough, SPI firewall, it also has 2 WAN ports for load balancing or you could connect a web server, etc. to the DMZ port so that server is outside the firewall. Then you need a Gigabit Switch 24 ports should be enough to start with, but get a patch panel for all 100 cable feeds if all won't be active. For wireless get a Wireless G access point untill Draft-N is finallized. If your LeClair File Server is gigabyte then thats terrific, if it's only 10/100 you may want to consider an upgrade for faster speeds. Make all you computer and server connections (unless a sserver outside the LAN, then use the DMZ port) through the gigabit switch. Then connect that, your wireless access point, and other 10/100 switches to the router/firewall.

Be sure all your printers are networked, I've had better luck giving printers static IP address (make up an IP range for them), as sometimes with DHCP they get lost and need to be reinstalled on each machine. In fact, make up a IP range table.... such as 192.168.1.1 - 9 for static IP routers/gatwayes, 192.168.1.20 - 39 for static IP servers/file servers/mail servers etc, 192.168.1.50-69 for static IP printers, and 192.168.1.100-299 for DHCP computers and wireless.

 

[coolVariable]

Originally posted by: mleonard
I've recently helped a small buisness I worked for upgrade their network and it is substantially more stable now. I prefer Linksys Buisness Souloutions overall because they are owned by Cisco, seem pretty stable, and have descent pricing.

If your SonicWall Router/Firewall only gives you 10 IP's you should deffinatly get a new router. Consider getting several network devices for each individual part of the network, instead of spending alot of money on one device that does everything. A good 10/100 8 port VPN router like the https://www.linksys.com/servlet/Satelli...name=Linksys%2FCommon%2FVisitorWrapper">Linksys RV082</a> would work well at the head of your network. It has your DHCP, VPN passthrough, SPI firewall, it also has 2 WAN ports for load balancing or you could connect a web server, etc. to the DMZ port so that server is outside the firewall. Then you need a https://www.linksys.com/servlet/Satelli...name=Linksys%2FCommon%2FVisitorWrapper">Gigabit Switch</a> 24 ports should be enough to start with, but get a patch panel for all 100 cable feeds if all won't be active. For wireless get a Wireless G access point untill Draft-N is finallized. If your LeClair File Server is gigabyte then thats terrific, if it's only 10/100 you may want to consider an upgrade for faster speeds. Make all you computer and server connections (unless a sserver outside the LAN, then use the DMZ port) through the gigabit switch. Then connect that, your wireless access point, and other 10/100 switches to the router/firewall.

Be sure all your printers are networked, I've had better luck giving printers static IP address (make up an IP range for them), as sometimes with DHCP they get lost and need to be reinstalled on each machine. In fact, make up a IP range table.... such as 192.168.1.1 - 9 for static IP routers/gatwayes, 192.168.1.20 - 39 for static IP servers/file servers/mail servers etc, 192.168.1.50-69 for static IP printers, and 192.168.1.100-299 for DHCP computers and wireless.

Great. Thank you.
Will definitely look into all of that.

The printers actually are set up to use static IPs.

 

[mleonard]

If you don't already have it, battery backup would be a good thing for your file server and network devices (DSL modem/router/switches/wireless).

 

[coolVariable]

Originally posted by: mleonard
If you don't already have it, battery backup would be a good thing for your file server and network devices (DSL modem/router/switches/wireless).

Yep. Got that already for the current setup.

 

[spidey07]

Do the design first, then pick the gear. Designing around gear normally leads to bad results.

So clearly define each and every one of your requirements, from there you can pick equipment. In networking there is no "best", only what "does the job it's required to do perfectly"

 

[coolVariable]

Originally posted by: mleonard
I've recently helped a small buisness I worked for upgrade their network and it is substantially more stable now. I prefer Linksys Buisness Souloutions overall because they are owned by Cisco, seem pretty stable, and have descent pricing.

If your SonicWall Router/Firewall only gives you 10 IP's you should deffinatly get a new router. Consider getting several network devices for each individual part of the network, instead of spending alot of money on one device that does everything. A good 10/100 8 port VPN router like the https://www.linksys.com/servlet/Satelli...name=Linksys%2FCommon%2FVisitorWrapper">Linksys RV082</a> would work well at the head of your network. It has your DHCP, VPN passthrough, SPI firewall, it also has 2 WAN ports for load balancing or you could connect a web server, etc. to the DMZ port so that server is outside the firewall. Then you need a https://www.linksys.com/servlet/Satelli...name=Linksys%2FCommon%2FVisitorWrapper">Gigabit Switch</a> 24 ports should be enough to start with, but get a patch panel for all 100 cable feeds if all won't be active. For wireless get a Wireless G access point untill Draft-N is finallized. If your LeClair File Server is gigabyte then thats terrific, if it's only 10/100 you may want to consider an upgrade for faster speeds. Make all you computer and server connections (unless a sserver outside the LAN, then use the DMZ port) through the gigabit switch. Then connect that, your wireless access point, and other 10/100 switches to the router/firewall.

Be sure all your printers are networked, I've had better luck giving printers static IP address (make up an IP range for them), as sometimes with DHCP they get lost and need to be reinstalled on each machine. In fact, make up a IP range table.... such as 192.168.1.1 - 9 for static IP routers/gatwayes, 192.168.1.20 - 39 for static IP servers/file servers/mail servers etc, 192.168.1.50-69 for static IP printers, and 192.168.1.100-299 for DHCP computers and wireless.

I really like the switch and the router but the VPN is apparently pre-configured for their own VPN application. Since both decision makers for this (me and the owner of the biz) really dislike having to install YET ANOTHER application while we already have Cisco VPN and the WinXP built-in VPN, I am definitely interested in a router that supports that (and also has the setup for those in the user guide, instead of simply telling one to install the Custom VPN and type in the IP).

 

[mleonard]

Originally posted by: coolVariable
I really like the switch and the router but the VPN is apparently pre-configured for their own VPN application. Since both decision makers for this (me and the owner of the biz) really dislike having to install YET ANOTHER application while we already have Cisco VPN and the WinXP built-in VPN, I am definitely interested in a router that supports that (and also has the setup for those in the user guide, instead of simply telling one to install the Custom VPN and type in the IP).

I'm not sure I undertand... don't most router/firewalls only have VPN passthrough and not an actuall VPN server? Have to admit I don't know much about VPN's. If you already have a Cisco VPN and WinXP built-in VPN, why not pass-through to it.

 

[coolVariable]

Originally posted by: mleonard
I've recently helped a small buisness I worked for upgrade their network and it is substantially more stable now. I prefer Linksys Buisness Souloutions overall because they are owned by Cisco, seem pretty stable, and have descent pricing.

If your SonicWall Router/Firewall only gives you 10 IP's you should deffinatly get a new router. Consider getting several network devices for each individual part of the network, instead of spending alot of money on one device that does everything. A good 10/100 8 port VPN router like the https://www.linksys.com/servlet/Satelli...name=Linksys%2FCommon%2FVisitorWrapper">Linksys RV082</a> would work well at the head of your network. It has your DHCP, VPN passthrough, SPI firewall, it also has 2 WAN ports for load balancing or you could connect a web server, etc. to the DMZ port so that server is outside the firewall. Then you need a https://www.linksys.com/servlet/Satelli...name=Linksys%2FCommon%2FVisitorWrapper">Gigabit Switch</a> 24 ports should be enough to start with, but get a patch panel for all 100 cable feeds if all won't be active. For wireless get a Wireless G access point untill Draft-N is finallized. If your LeClair File Server is gigabyte then thats terrific, if it's only 10/100 you may want to consider an upgrade for faster speeds. Make all you computer and server connections (unless a sserver outside the LAN, then use the DMZ port) through the gigabit switch. Then connect that, your wireless access point, and other 10/100 switches to the router/firewall.

Be sure all your printers are networked, I've had better luck giving printers static IP address (make up an IP range for them), as sometimes with DHCP they get lost and need to be reinstalled on each machine. In fact, make up a IP range table.... such as 192.168.1.1 - 9 for static IP routers/gatwayes, 192.168.1.20 - 39 for static IP servers/file servers/mail servers etc, 192.168.1.50-69 for static IP printers, and 192.168.1.100-299 for DHCP computers and wireless.

I did not find anything in the documentation for that router but there is no limit of nodes (computers) like the current SonicWall has it?

 

[mleonard]

Originally posted by: coolVariable
I did not find anything in the documentation for that router but there is no limit of nodes (computers) like the current SonicWall has it?

Can't currently log into that particular router, but my Linksys BEFSX41 at home has DHCP limit of 245. I'm sure the Linksys RV082 has as many, if not more.

 

[coolVariable]

Just spoke to our tech support company (who we will use to set all of this up).

They recommended the Buffalo WZR-RS-G54 Router
for $129 @ Newegg
Which is sufficient for our business and supports WinXP VPN clients connecting to it.

For the switch he liked the Linksys and suggested the Netgear 24 port Gigabit Switch as an alternative (didn't get a product number from him, since I didn't figure there would be soooo many of them). Their price for the Netgear: $550


Otherwise, I also found these switch which range from cheaper than the Linksys/Netgear to more expensive. Not having worked with Switches before, what should I look for?

LINKSYS SR2024 10/100/1000Mbps Gigabit Switch 24 RJ45 ports + 2 Mini-GBIC ports 32K MAC Address Table - Retail $327.99

NETGEAR GS524T 10/20/100/1000/2000Mbps Gigabit Rackmount Switch 24 x RJ-45 Ports 32K MAC Address Table - Retail $381.99 (-50MIR)

NETGEAR GS724T 10/100/1000Mbps Gigabit Smart Switch 24 RJ-45 connectors for 10BASE-T, 100BASETX, and 1000BASE-T (Auto Uplink on all ports) 2 SFP slots for fiber Gigabit Ethernet modules 8K MAC Address Table 256KB Buffer memory - Retail $329.99 (-$50MIR)

PowerConnect 2724 $258


Why the big price differences for switches? What should I look for?

 

[coolVariable]

OK. Going to pull the trigger on one of these switches ... which one can you recommend?

NETGEAR JGS524F 10/100/1000Mbps $283
NETGEAR GS724T 10/100/1000Mbps $299 (+$75 MIR)
LINKSYS SR2024C 10/100/1000Mbps $324
Dell PowerConnect 2724 $258

I am very tempted to go with the NETGEAR GS724T ... if only for price.
Help is greatly appreciate as I do not really know much about switches.

 

[Madwand1]

How about an HP? They're generally well-regarded, and this one is smarter than some of the others you've listed.

ProCurve 1800-24G $390.

http://www.newegg.com/Product/Product.asp?Item=N82E16833316054

 

[coolVariable]

Originally posted by: Madwand1
How about an HP? They're generally well-regarded, and this one is smarter than some of the others you've listed.

ProCurve 1800-24G $390.

http://www.newegg.com/Product/Product.asp?Item=N82E16833316054

Naw, don't even need half the stuff that the above can do.
It will only be used as switch hooking up all the computers in our office ... and if we ever expand, it should support linking to another switch.

 

[coolVariable]

Originally posted by: coolVariable
OK. Going to pull the trigger on one of these switches ... which one can you recommend?

NETGEAR JGS524F 10/100/1000Mbps $283
NETGEAR GS724T 10/100/1000Mbps $299 (+$75 MIR)
LINKSYS SR2024C 10/100/1000Mbps $324
Dell PowerConnect 2724 $258

I am very tempted to go with the NETGEAR GS724T ... if only for price.
Help is greatly appreciate as I do not really know much about switches.

No one here use any switches?

 

[spidey07]

Originally posted by: coolVariable
No one here use any switches?

Stick with foundry, cisco, extreme and you'll be fine.

I still don't see any real requirements that you can form a design around. So picking gear is pointless.

Do you need power over ethernet? Do you need routing (I would). I think you're looking at the wrong gear. I personally would steer to a 48 port triple speed PoE Cisco 3750 switch because you mentioned expansion. Couple this with a few cisco access points and a controller and you're done. Plus you really should put the servers in a different vlan than the clients. Heck, the 3750 with the wireless controller built in is looking pretty good for your basic needs.

All that and we haven't even gotten into the security aspect.

 

[coolVariable]

Got the NETGEAR GS724T 10/100/1000Mbps for $299