Saturday, March 05, 2011

Networking Gear - ASA 5505 is not for the squeamish

I decided that my life wasn't sane enough before and since I hate Cisco gear and the obnoxious user interfaces they use, I scrapped my old web-based and relatively intuitive Sonicwall. We started having weird connection issues with the outside. Like, one day, I couldn't browse to microsoft.com.

Since Cisco is the industry leader, and as I can write it off as a legitimate business expense, I bought an ASA 5505 with licenses for 50 computers (don't want to run out in case I have a big party someday where everyone is wireless). Plus this is the sort of equipment small businesses will want to put in.

There is a web-based start which downloads their graphical user interface ASDM. But this is merely a GUI wrapper for the commands. Anyway, first impression was that there is a paper in the box that I thought would give me some basics about how to hook the thing up and get started. Typical of all Cisco documentation, it was not that. Instead, it was a long list of web URLs that you can go to for all manner of things. The main one that I was interested in was called the Getting Started Guide. But this link was buried down the list (wasn't even highlighted). And, of course, since it was just text based, I wasn't about to try to transcribe it to my computer so instead, I just googled and in a few tries got to the document.

I knew that Cisco was horrid at documentation but I had hoped that this, being targeted at small businesses, would be different. The other major problem this points out with Cisco Documentation is that, for some reason, they feel it necessary and important to give you every single possible combination and step you may (someday) want during the simple setup. Unlike most manufacturers, who have the most common setup and then you have to dig down into links to get to the more esoteric, Cisco puts everything up front so you have to constantly ask yourself: is this important to me? Since it's all networking gobbledygook, you end up spending hours in Google trying to decide what the heck this option is and if you care.

Wait, it said there is a startup wizard! Ok, so I imagined it would be like many other network setups like Linksys or Netgear where they walk you through some simple steps to get basic things like DHCP and connection to your WAN setup.

Well, it was sort of like that. Of course, they felt it necessary to get complex and they talked about VLANs (which you can't find anything about in Windows so don't try). This sorta scared me as I didn't want to have to go around re-configuring all my home devices. Anyway, I pressed on.

The next hurdle was that my home network was not their default IP space. So, I went through the setup and thought I'd configured everything but when I hit submit (and it sends the commands to the ASA), I waited 5 minutes but it never showed complete. After that, I couldn't get a DHCP address either. I tried several times and never could get it to work properly.

I considered changing all my static IP addresses to match the Cisco but as this is supposed to be a learning thing, I pressed on. After some more time with Google, I found a blog that talked about copying the config to your local machine, then using an editor to change the IPs, and then copying it back. I did that and it seemed to work!

Ok good, but I still couldn't browse the internet. Turns out after wading through the ASDM I found a spelling error in my config and voilà, I was browsing the internet!

The next problem was that, by default, the ASA does not allow PING on the network. Of course, I discovered that the hard way. Some more googling and I figured out how to change the access to allow ICMP everywhere. But I still had trouble.

The next problem was not Cisco's problem. Turns out that since it is a new network, all the Windows machines set the networking profile to 'public' meaning that they don't respond to ping. You have to go to each machine and tell it that it's on a home network (all of our machines are Windows 7 or 2008).

After that, I was, finally, able to get things going and my home network is basically operating like it used to.

Actually, it's not like it used to be; in many ways it is better. The problems I was having with browsing are gone and also I found that there were other problems I was having (thinking it was my computer) that have magically disappeared.

Only took about 6 hours to replace one piece of network gear. But the problems I was dealing with got fixed so that's good.

And there are some other nuances that I haven't re-implemented - just getting the basic connectivity working. I'm sure there will be other problems that I'll have to fix.

Would I recommend it? Not unless you were familiar with Cisco CLI and networking. I'm not a CNA so you don't have to be an expert but don't try this unless you have a weekend to kill, no one is around and you like beating your head against the wall until it's bloody! :)

Oh, and my favorite post found while searching online:

"Regarding the CLI, once you get used to it, it's relatively intuitive."

(Obviously, this person has a different definition of intuitive. I've always thought intuitive meant that something works the way "normal" people think. So you can just pick it up and operate it without spending time "getting used to it". Maybe that's just me.)
