Security Basics mailing list archives

Re: router recommendation?


From: "Noah" <noah () ieee org>
Date: Sat, 8 May 2004 09:09:19 -0600

The Cisco IOS software will do what you want.  The type of router doesn't
matter much for what you want, just make sure you have enough memory to
upgrade to future "T" releases if you want the newest features...

> Two major things I need to be able to do on the WAN port of the new router
> for monitoring and security is lock the port at full duplex and 10M

interface mode) duplex full
interface mode) speed 10

> and also I need to be able to respond to ICMP requests but want to limit
> it to only the monitoring servers of our ISP.

# to allow ping (the ICMP type follows the destination; icmp entries take no "eq")
global config mode)  access-list 101 permit icmp (ip address of ISP monitoring servers) (inverse mask of ISP monitoring server's network) any echo
# to allow ping reply
global config mode)  access-list 101 permit icmp (ip address of ISP monitoring servers) (inverse mask of ISP monitoring server's network) any echo-reply
# deny everything else
global config mode)  access-list 101 deny ip any any

# apply to the WAN interface, inbound: the entries match the ISP servers as source
interface mode) ip access-group 101 in

> I'm looking at a Cisco 1721 with the latest 1700 IOS.
> Am I looking at the right one? Our network isn't huge and doesn't require
> anything too major.

If you say that the 1721 will meet your capacity needs, it will do.

> Thanks
> Murad Talukdar

Noah
CCIE #12652
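
An added example, not part of the original message: a minimal first-match evaluator for the three access-list 101 entries, to check how the list treats sample packets before it goes on a router. The 192.0.2.0/28 monitoring network, the sample packets and the function names are constructed for illustration; it assumes the list is evaluated against packets arriving on the WAN interface and treats every destination as `any`.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """IOS inverse mask: a 1 bit in the wildcard means 'ignore this bit'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

# Constructed stand-in for access-list 101; 192.0.2.0/28 plays the ISP
# monitoring network. Fields: action, protocol, source, wildcard, ICMP type.
ACL_101 = [
    ("permit", "icmp", "192.0.2.0", "0.0.0.15", "echo"),
    ("permit", "icmp", "192.0.2.0", "0.0.0.15", "echo-reply"),
    ("deny", "ip", "0.0.0.0", "255.255.255.255", None),  # deny ip any any
]

def evaluate(acl, proto, src, icmp_type=None):
    """Return (action, entry index) of the first matching entry, top down."""
    for index, (action, acl_proto, base, wildcard, acl_type) in enumerate(acl):
        if acl_proto not in ("ip", proto):
            continue  # "ip" matches every IP protocol
        if not wildcard_match(src, base, wildcard):
            continue
        if acl_type is not None and acl_type != icmp_type:
            continue
        return action, index
    return "deny", None  # implicit deny that ends every IOS access list

if __name__ == "__main__":
    # Constructed packets arriving on the WAN interface.
    samples = [
        ("icmp", "192.0.2.5", "echo"),
        ("icmp", "192.0.2.16", "echo"),
        ("icmp", "192.0.2.5", "unreachable"),
        ("tcp", "198.51.100.7", None),
    ]
    for proto, src, icmp_type in samples:
        print(proto, src, icmp_type, "->", evaluate(ACL_101, proto, src, icmp_type))
```

The last sample shows that the explicit deny also drops non-ICMP traffic arriving on that interface, such as replies to sessions opened from the inside network.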

