VPN Router Recommendations?

Mize

I'm looking for a VPN/Firewall/router for a small business (about 30 users at any time) that's stable, fast and easy to set up and maintain. Any recommendations? Most of our outside devices are laptops or Treos with IPsec and ADES...
 
While ADES doesn't ring a bell, I've had problems with a Linksys BEFVP41v2 with many connections resulting in the router refusing any further inbound communication.
The Netgear FVS318v3 I've now got is much better in this regard (and doesn't drop the PPPoE connection as soon as any of the settings are changed). But if you need 30 tunnels, you may want to look at the bigger models, I am not sure how many this version offers.
 
ADES should probably read AES and most likely means WPA + AES = WPA2.

Have a look at Cisco 1800 or 800 Integrated Services Routers. You will need an external Aironet WiFi access point if you require WPA2 (the routers come with WiFi option of WPA-TKIP). The two combined (router + AP) should run you something between $1,000 and $1,500. The Aironet 1130AG is ~$500 so it's somewhere between $500 and $1,000 for the router, depending on model.
 
A Netgear is probably best for heavy use. They're more reliable than most others. Or a Cisco, if you like that and have the money. A Linksys is too light for that.
 
Pffft...!

The real question is do you want VPN pass through or do you want the router to terminate the VPN tunnels...? If you want a hardware solution, go for a router with a dedicated VPN accelerator. I had a Linksys RV082 (533MHz XScale, 50 user, load balancing, & fail-over) but VPN routing performance is ~15Mbps tops. Both Netgear (FVS-124G) & D-Link (DFL-200) have very affordable small business solutions. If you want performance, then look at CISCO, SonicWall, etc.
 
stevem said:
Pffft...!

The real question is do you want VPN pass through or do you want the router to terminate the VPN tunnels...? If you want a hardware solution, go for a router with a dedicated VPN accelerator. I had a Linksys RV082 (533MHz XScale, 50 user, load balancing, & fail-over) but VPN routing performance is ~15Mbps tops. Both Netgear (FVS-124G) & D-Link (DFL-200) have very affordable small business solutions. If you want performance, then look at CISCO, SonicWall, etc.

I was considering the D-Link 800. The VPN is only for on-the-road email (POP3/SMTP). Then I need a reasonably good firewall to point my proxy server at...
 
DFL-800 has the right mix of features for you. Good QoS is damn useful. Check out some networking forums for any feedback on the unit.
 
What about something really cheap, like a Linksys wrt54g? The built-in firmware can't do what you need, but there are better ones available (like dd-wrt). IPSEC performance seems to be crappy though (like 3mbit/s max.).
(Note though that the latest version, 5.0, of the wrt54g isn't useful, as it has only half the flash (2MB) and RAM (8MB) of the older versions, and it does not run Linux (VxWorks instead) and can't be flashed to an unofficial firmware. There's a replacement model though (wrt54gl) which seems to be the same as the wrt54g 4.0, that should work fine. Or the slightly more expensive wrt54gs, which used to have two times the flash & RAM (8MB, 32MB respectively), but the latest 4.0 version seems to be pretty much identical to the wrt54g 4.0 (only 4/16MB).)
There are similar WLAN routers around from other vendors which can run the same unofficial firmware, see also the recent discussion here: http://hardware.slashdot.org/article.pl?sid=05/12/01/2326222
 
I've actually already got a CISCO wireless router with top notch encryption, but I'm not inclined to go wireless at the moment (paranoia). I'm more interested in a wired solution that I can hang the Cisco off when I'm ready to muck with 802.11g stuff. (We do have a wireless net, but it's not for computers tied to financial systems.)
 
Mize said:
I've actually already got a CISCO wireless router with top notch encryption, but I'm not inclined to go wireless at the moment (paranoia). I'm more interested in a wired solution that I can hang the Cisco off when I'm ready to muck with 802.11g stuff. (We do have a wireless net, but it's not for computers tied to financial systems.)

Ah, completely missed that you're looking for a good old wired solution. I guess I saw "laptops" and thought "wireless"... WPA2 should be fairly secure, but it probably can't hurt to be paranoid.
 
mczak said:
Ah, completely missed that you're looking for a good old wired solution. I guess I saw "laptops" and thought "wireless"... WPA2 should be fairly secure, but it probably can't hurt to be paranoid.

The laptops (and Treo 650s) in this case are generally in hotel rooms or airports when they need to connect via VPN. When they're in the office they use a USB ethernet adapter to connect wired & static (10.100). This is extra convenient because I can set up the proxy on the USB adapter and leave the integrated wifi or enet on DHCP for hotels and hot spots.
 
Ok, I am now at a complete loss as to what you need.

I originally thought you needed a router with integrated wireless because you mentioned 30 laptops. It now seems that this is completely irrelevant as what you are really looking for is a router to handle incoming VPN connections from anyone on the road. Therefore, whatever WiFi protocols they use are completely meaningless.

You state you already have a Cisco router, a WiFi capable one no less, and for some reason you are not using it. I can only assume that it doesn't support VPN or that it is not beefy enough to handle 30 connections.

At any rate, you never have to use integrated WiFi in the router just because it's there. So, what exactly is it that you have and don't have? If you want integrated ADSL or not (or even SHDSL) the Cisco 1800 and 800 are still valid options. They also have ISDN fail-over or pure Ethernet WAN (dual, with fail-over). The D-Link DFL-800 is also an option.

What is missing from this equation? Tell us how much you want to spend and exactly what this device needs to do (and not do).

PS. And please forget any mentions of using a Linksys WRT54G or similar device. It would be a heinous crime to use those for mission-critical business. They can and will fail on you, especially when you least need it.
 
Sorry wireframe. Here's the deal:
Currently renting IT capabilities of a sister company but changing locations so I have to do it myself now. What I have is a fileserver, proxy and content scanner. What they have is firewalls and incoming VPN management (Checkpoint VPN-1). I have a Cisco wireless access point (not a router) that I inherited from an evaluation done at a sister company. I don't even have the manual, but it's an Aironet 1130AG.

What I'm losing is the firewalls and incoming VPN management (and I'll probably drop SecureClient content scanning too as that was the sister company's requirement for using part of their T3).

I'm looking to spend as little as possible but need something reliable (I'm not a Linksys fan). I have about 30 users on the "inside" surfing and emailing through the firewalls and about 6 on the outside tunneling in to get email only, but eventually they'll tunnel to a database server for accounting functions and the count outside will go as high as 20 when I bring my China office into my accounting system.

How's that?

[Edit: I will also switch to DHCP internally as the static we use now was required for content scanning that I will drop]
 
Take a Netgear that can handle 30 VPN tunnels, like the FVS338. It will do what you want.

What do you have for the internet connection? ADSL? With a separate modem without router? Or does it have a built-in router? Two routers is bad.
 
DiGuru said:
Take a Netgear that can handle 30 VPN tunnels, like the FVS338. It will do what you want.

What do you have for the internet connection? ADSL? With a separate modem without router? Or does it have a built-in router? Two routers is bad.

Heh...that's the next issue. As I said we've been renting part of their T3, but we're going to have to switch to our own connection soon...probably ADSL or Cable as we can't justify a T1...well, maybe with phones we could...
 