LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Looking for simple, reliable router that will handle vpn (http://www.linuxquestions.org/questions/linux-networking-3/looking-for-simple-reliable-router-that-will-handle-vpn-689223/)

wastingtime 12-09-2008 12:07 AM

Looking for simple, reliable router that will handle vpn
 
I am in search of a router firewall ideally below $100 that is reasonably simple to configure and manage, can handle few site-to-site vpn's and support GRE NAT translation so I could run a separate PPTP server behind it.

So far I have tried two routers that on paper met all the above requirements with pretty miserable results:

Netgear FVS 114 -
This router supports 8 site-to-site VPN and I think did GRE translation. It would drop the site-to-site vpn about once a day, requiring manual restart. But it's real problem started after 4 weeks of use, when it started to randomly freeze, requiring hardware reset. Initially it would freeze every few days, and within couple weeks the pace increased to every couple hours. I googled for this problem and found out it was common. I returned the junker and swore off Netgear.

Linksys BEFSX41 (most recent firmware) -
This router supports 2 site-to-site VPN and I found out that with the recent firmware it does not do GRE NAT translation anymore. It had worked reasonably well for a few weeks. The first problem started with it getting an error on the site-to-site vpn; it would automatically reconnect, however, having a wimpy cpu, key negotiation would slow the whole router for about 5 seconds. It does this every 10 minutes or so. The other problem started a couple days ago: it drops ssh connections every so often; I think that is a side effect of the site-to-site key negotiation.

So it time to return this junker too, except I do need a replacement.

What would you recommend?

kilgoretrout 12-09-2008 02:08 PM

Have you taken a look at the DD-WRT project:

http://www.dd-wrt.com/wiki/index.php/What_is_DD-WRT%3F

It's an open source firmware project for certain linksys and other routers that greatly expands their capabilities. You can check their forums but I suspect you may be able to do what you want using their firmware and a Linksys WRT54GL consumer grade router.

rweaver 12-09-2008 03:00 PM

Well, it's technically not a router but it may suit your needs well, try a Cisco PIX 506e sitting behind a fully opened up router. It functions as a firewall, vpn end point, dhcp server, and can handle basic routing as well. We used them pretty extensively as such at a previous job. Worked great. You can get them used on eBay for less than $100 easily.

You might could also use anything able to run dd-wrt, it's a pretty capable firmware as long as you get something with enough memory and flash to load the non-mini versions. It's meant to function more as a firewall than a router though.

<remote>--<internet>--<router>--<pix/fw/dd-wrt>--<lan>

deltabrown 01-04-2009 06:24 PM

I've been using SnapGear products for a number of years now. They're a bit over your $100 target but work well, use linux, allow root access, and are only limited by processing power, (re. number of users and such).

http://www.securecomputing.com/index.cfm?skey=1556


All times are GMT -5. The time now is 03:40 PM.