VPN Router Recommendations?

The network is the forum.

Moderators: Steel, notfred

VPN Router Recommendations?

Postposted on Mon Jun 18, 2012 7:25 am

Anyone have a recommendation on a good VPN router? Before I go diving into what looks decent, I'm open to suggestions. Dealt with lots of the Linksys E routers before, wondering if D-Link or Netgear perhaps have anything on par or better. Price range is $100-$200 each (needing two). Will be setup 300+ miles away connecting two offices with a Server 2008 R2 thrown into the mix. Very mild traffic as there will only be 3-5 machines using the connection tops.

Unsure of which VPN protocol I'm going to be using, also open to suggestions there as well. Any downside to using L2TP/IPSec over PPTP. I've also had to use RADIUS a few times, but was "informed" by someone that RADIUS transmit authentication in plain text :o , please tell me they were full of it :P
"I think there is a world market for maybe five computers."
Thomas Watson, chairman of IBM, 1943

i5-2500K|Asus P67 Sabertooth|16GB Corsair 1600|MSI 7850 2GB|250gb Evo 840|Corsair 400R|ET750w PSU|Logitech G5|Dell 2420L|Corsair Vengeance 1300
Welch
Minister of Gerbil Affairs
Gold subscriber
 
 
Posts: 2649
Joined: Thu Nov 04, 2004 5:45 pm
Location: Fairbanks, Alaska

Re: VPN Router Recommendations?

Postposted on Mon Jun 18, 2012 7:47 am

Welch wrote:Anyone have a recommendation on a good VPN router? Before I go diving into what looks decent, I'm open to suggestions. Dealt with lots of the Linksys E routers before, wondering if D-Link or Netgear perhaps have anything on par or better. Price range is $100-$200 each (needing two). Will be setup 300+ miles away connecting two offices with a Server 2008 R2 thrown into the mix. Very mild traffic as there will only be 3-5 machines using the connection tops.

Unsure of which VPN protocol I'm going to be using, also open to suggestions there as well. Any downside to using L2TP/IPSec over PPTP. I've also had to use RADIUS a few times, but was "informed" by someone that RADIUS transmit authentication in plain text :o , please tell me they were full of it :P



I speak from experience: Unless you need either: 1. A *BIG* VPN with full-blown IP-SEC or 2. A *tiny* VPN with PPTP for a very small number of clients, then you actually will be much better off setting up a simple SSL based VPN server using OpenVPN. The only thing you'll need for your router is to setup the routing table information for forwarding packets to and from the VPN host. I'm using a 6 year old notebook here at the office with OpenVPN and it has been extremely reliable. As a bonus: 1. It's open-source although there is commercial support if you want it. 2. It's cross platform with clients for Windows/Mac/Linux. 3. It's *much* easier to setup than a full-blown IP-SEC VPN, although probably a little more involved than a simple PPTP setup.

See: http://openvpn.net/index.php/open-source.html
4770K @ 4.7 GHz; 32GB DDR3-2133; GTX-770; 512GB 840 Pro (2x); Fractal Define XL-R2; NZXT Kraken-X60
--Many thanks to the TR Forum for advice in getting it built.
chuckula
Gerbil Elite
Gold subscriber
 
 
Posts: 568
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Re: VPN Router Recommendations?

Postposted on Mon Jun 18, 2012 7:48 am

We have a Juniper connected to a SonicWall. That was "fun". And we tried to get the SonicWall connected to a Cisco.

It seems like every vendor has their own special terminology for VPN settings. And the Juniper was all CLI stuff which made the previous guy go insane. I don't have any specific recommendations beyond you might want to try to get the same model on both ends, that should hopefully make things less painful.
Scrotos
Graphmaster Gerbil
 
Posts: 1035
Joined: Tue Oct 02, 2007 12:57 pm
Location: Denver, CO.

Re: VPN Router Recommendations?

Postposted on Mon Jun 18, 2012 9:41 am

If you're going to be doing a site-to-site VPN, the traditional method is to use an IPSEC VPN. It's going to have better throughput, and since it's going to be router-to-router, you'll just have to set it and forget it. This is what I would recommend.

SSL-VPNs are better for mobile users. The throughput is lower, compared to IPSEC VPNs, but they're easier to configure, which is a plus for remote users. SSL-VPNs could be used for site-to-site VPNs, but that's not what they're really designed for.

At a minimum I would get a router running DD-WRT. Ideally, you should spend some money and get some higher end gear.

Radius is for authentication. It's not a VPN technology, so it's not really applicable to the problem.

Scrotos wrote:We have a Juniper connected to a SonicWall. And we tried to get the SonicWall connected to a Cisco.


Sonicwall stuff is fussy, and they want to do things their way.
Flatland_Spider
Gerbil Elite
 
Posts: 853
Joined: Mon Sep 13, 2004 8:33 pm
Location: The 918/539

Re: VPN Router Recommendations?

Postposted on Mon Jun 18, 2012 11:10 am

I have used a Linksys RV042, a pair actually ... http://www.newegg.com/Product/Product.aspx?Item=9SIA00Y0BC5093
It's cheap, easy setup, and it worked great for quite a few years, and would use it again if I need it.

Edit. There is also the RV016 and the RV082... I have also used the 16 and it worked great.
Ad eundum quo nemo ante iit!
DLHM
Gerbil First Class
 
Posts: 148
Joined: Thu Sep 06, 2007 12:23 pm
Location: Florida

Re: VPN Router Recommendations?

Postposted on Mon Jun 18, 2012 11:27 am

Welch wrote:I've also had to use RADIUS a few times, but was "informed" by someone that RADIUS transmit authentication in plain text :o , please tell me they were full of it :P


True statement with context. The connection is clear, but the passwords are hashed. Well, unless PAP is picked. TACACS+ does encryption.
"Welcome back my friends to the show that never ends. We're so glad you could attend. Come inside! Come inside!"
Ryu Connor
Global Moderator
Gold subscriber
 
 
Posts: 3563
Joined: Thu Dec 27, 2001 7:00 pm
Location: Marietta, GA


Return to Networking

Who is online

Users browsing this forum: No registered users and 2 guests