I need a router to push about 10mbps traffic on fast ethernet. I need to apply some basic ACL's and there should be no need to do BGP.
I am also considering to use the same router for a VPN with low traffic (not even 1mbps)
I was wondering which will be a good option for such setup. I am mainly looking into cisco gear. I thougth about 7204/7206 non VXR with 2FE (in/out) or maybe a 3640 also with 2FE. Maybe a 7120 would be also an option. I specially like to option on the 7204 to have redundant power supplies. All three solutions offer hardware VPN acceleration with respective port adapters, but i don't know if performance would degrade a lot and it would be better to get a 2600 only for the VPN.
Depending on why you need a router, a firewall product like a Cisco PIX/ASA might be more appropriate. These are not routers, but they have some router features, and it would come with the ability to support a VPN.
A layer 3 switch might also be appropriate, again depending on your requirements. I would hesitate to purchase a 7200 unless you need WAN cards.
I prefer to use a router to do routing. I think the chances of failure are lower and all you need is implemented there.
gevg, the router should mainly apply some ACL's and do routing between different vlans with different IP address ranges. I thought about a layer3 switch, but the price i am getting the 7200 is quite lower than any appropiate L3 switch (about 1500$ on ebay).
What about that then? If i were to consider 2 devices, 1 for routing and 1 for VPN which ones would you choose?
I'm not sure exactly what you're getting for $1500. You can use the 7200 if you like if you're sure that you won't exceed 10 Mbps. When you do exceed its capacity, you'll end up throwing it away since it'll be useless for anything else.
Why not get a PIX? You haven't really specified your requirements, but that sounds like the most appropriate device based on what you've said so far. I haven't seen any reason for you to need a "router".
also keep in mind the 7204/6 routers are 3 rack units and consume more power than the 3550s. The 3550s will easily route 100mbps with ACLs and you get 24 or 48 ports along with a couple gbic ports for gigE. And the 3550s are 1 rack unit. They'll also do BGP pretty well without full routes.