Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Feature Summary

I put together this feature summary from the ISA500 series data sheet.

Zone Based Firewall
  • 15,000 Max Connections
  • 100 Max Firewall Rules
  • 2,500 Sessions Per Second
  • DOS Protection
  • Application Layer Gateway
Security
  • Intrusion Prevention System (IPS)
  • Application Control
  • Web URL Filtering
  • Web Threat Protection
  • Anti-phishing
  • Anti-virus
  • Anti-spyware
  • Spam Filter
  • Network Reputation Filter
VPN
  • 25 IPsec Site-to-Site tunnels
  • 10 IPsec Remote tunnels
  • 10 SSL Remote tunnels
  • 10 L2TP Remote tunnels
  • IPsec VPN (3DES, AES 128/192/256, MD5, SHA-1)
  • IPsec DPD
Throughput
  • 200Mbps SPI
  • 75Mbps IPsec
  • 60Mbps IPS
  • 50Mbps AV
  • 45Mbps UTM
Networking
  • Total Interfaces:  7 10/100/1000
  • WAN Interfaces:  up to 2 10/100/1000
  • LAN Interfaces:  up to 6 10/100/1000
  • DMZ Interfaces:  up to 4 10/100/1000
  • Dual WAN with Load Balancing and Failover
  • Policy Based Routing
  • 802.1q VLAN:  16
  • SNMP v1/v2
  • QoS
  • VRRP
  • IGMP
Wireless
  • 802.11b/g/n, 2.4GHz, 2x2 MIMO
  • SSIDs:  4
  • WMM QoS
  • MAC Filtering
  • Open, RADIUS, WEP, WPA, WPA/WPA2, WPA2
  • WPS
  • Guest Access
  • Captive Portal
  • Rogue Access Point Detection
Other
  • Integration with Cisco OnPlus
  • 100 User Local Database
  • Supports Radius, LDAP
  • USB 2.0 Port (1)

Networking

The ISA550W has seven 10/100/1000 Ethernet ports. One of the ports must be a WAN port and two ports must be LAN ports. The other four ports are configurable as either LAN, WAN, or DMZ ports.

The four configurable ports default as LAN ports. As a LAN port, they can be configured as an access or trunk port. As an access port, they can be assigned to a single VLAN. As a trunk port, they support 802.1q VLAN tagging. Up to 16 VLANs are supported on the ISA550W. Further, a unique DHCP server can be created for each VLAN.

As a test, I added VLAN33 on the ISA550W and enabled the DHCP server for that VLAN to provide addresses in the 192.168.33.0/24 subnet. I configured port 6 on the ISA550W as an 802.1q trunk port as a member of VLAN1 and VLAN33, and connected port 6 to a similarly configured 802.1q trunk port on a NETGEAR GS108T switch. The test was successful. PCs on VLAN1 access ports got IP addresses from VLAN1 and PCs on VLAN33 access ports got IP addresses from VLAN33.

The networking status screen below shows port 6 is configured as a trunk and is a member of VLAN 1 and 33.

Cisco ISA550W dashboard showing VLAN and Trunking

Cisco ISA550W dashboard showing VLAN and Trunking

Any one (but only one) of the four configurable ports can be configured as an additional WAN port, making the ISA550W a dual WAN router. The screenshot above shows port 1 and port 7 are configured as WAN ports.

The default dual WAN configuration is a 50-50 traffic distribution between the two WAN ports. Load balancing over dual WAN ports on the ISA550W can be adjusted by allocating different percentages of traffic to each port, distributing traffic based on link bandwidth, by setting one interface as primary and the other secondary, or by policy based routing. Traffic can also be metered on each WAN port if you're connected to an ISP that limits bandwidth consumption.

I tested dual WAN functionality by making port 1 primary and port 7 secondary and left all other settings at default. I then set up a continuous ping to the Internet and disconnected port 1. With the default settings, it took the ISA550W about 45 seconds to failover to port 7. After setting the failover timers to their lowest values, it took the ISA550W only about 10 seconds to failover to port 7. Failback to port 1 in both cases was within 10 seconds.

Policy-based routing is a neat way to distribute traffic over dual WAN ports. For example, SIP based VoIP traffic could be routed over one WAN port, while all other traffic could be routed over the other WAN port to minimize bandwidth congestion for VoIP traffic.

Quality of Service (QoS) options are available for the WAN, LAN, and Wireless interfaces and can be applied to both uplink and downlink traffic. On the WAN interfaces, traffic can be queued using strict priority (SP), weighted round robin (WRR), or low latency queuing (LLQ) methods. Both source and destination traffic types can be classified with either a DSCP or CoS value, and then assigned to one of the priority queues. The screenshot below shows where you enable QoS by interface.

Cisco ISA550W QoS enables

Cisco ISA550W QoS enables

WAN QoS configuration is a multi-step process. The steps include setting the uplink bandwidth of your WAN interface(s) and choosing a queuing method. SP queuing is good for voice, but may delay (“starve”) data traffic too much. WRR queuing is good for data, but may not provide enough priority for voice. LLQ queuing allows you to reserve bandwidth for a specific traffic type and specify queue priorities for remaining traffic.

With bandwidth and queuing selected, the remaining steps are 1) to create traffic classification selectors to identify which traffic is to be prioritized; 2) create a policy and rule to apply the priority to specific uplink or downlink traffic; and 3) apply that rule to a WAN interface. There are 53 predefined traffic types, more can be added based on protocol and port. One rule can be applied to each WAN interface in both the uplink and downlink direction. The ISA manual provides a nice example on how to configure Voice QoS for both uplink and downlink traffic.

On the LAN interfaces, traffic can be queued using strict priority, weighted round robin, or both. On both the LAN and Wireless interfaces, traffic can be classified with either CoS or DSCP markings. QoS for LAN traffic is then applied by queuing egress (outbound) traffic to either the wired or wireless interfaces.

Additional network options to mention include support for IPv6, port mirroring, port-based access control, IGMP, and VRRP. Finally, there are numerous network reporting options, including reports on traffic statistics, usage, and WAN bandwidth utilization. The screenshot below shows traffic statistics by port on the ISA550W.

Cisco ISA550W Traffic Statistics

Cisco ISA550W Traffic Statistics

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Ran across an inexpensive piece of test equipment to use in testing USB ports and chargers.It is from Klein Tools and I paid US $16.95 for it. Stock N...
I have a RT-AC86U with an Asuswrt-Merlin 384.13 and I'm happy with it the only problem I have is that therouter crash and reboot itself more or less o...
On my AC86U, with 384.13 or 384.14 beta firmware, enabling PMF will make all wireless clients fail to connect after about 12-24 hours. The client will...
Is anybody using this? Cisco bought OpenDNS and I wonder if anybody is using this to block adult content for their home?The RV340 router supports the ...
...USB be set to LAN as well by changing the code?Is it a good idea btw? Both LAN and WAN wise? Any drawbacks?

Don't Miss These

  • 1
  • 2
  • 3