how-to block ads
|
coomarlin
join:2000-12-29
Morgantown, WV
| SPI firewall? I'm in the market for a new wireless router/firewall. I hear a lot of talk about SPI being an important feature. Some of the routers I've looked at do not list SPI (D-Link 524).
Is this a must have feature, or are most of the firewall capabilites of modern wireless routers pretty much the same?
The two primary routers I was looking at was the D_Link 524 and the Netgear 614. The Netgear lists SPI but the D-Link doesn't. | |
|  | | 
TerryMiller
Premium
join:2003-10-23
| Since most consumer routers don't disclose exactly what they implement as SPI I consider them all the same until you get incoming and outgoing firewall rules. If there is some feature you want like remote logging then use that, otherwise get what's cheapest and run a software firewall for logging and outbound protection.
Just my opinion, I'm sure there are others.
--
My family site | |
| 
mboy
Premium
join:2001-04-13
Little Falls, NJ
| I would steer clear of any of the Dlink SOHO routers. I have used a few and think they are JUNK. Not stable (software), not built very well. I do have a bunch of Dlink 24 port 10/100 switches I like tho.
I would highly reco a BUffalo WBR2-G54 wifi router, even does WPA-AES with the latest firmware. Has evwerything you want, even can block all wifi clients communicating with each other if you want, and has a client you can install on a PC that will pop up and give you access alerts.
Very stable router and can be found cheap when on sale (paid like $20 AR for mine).
I also have had much success deploying the SMC 2804wbr routers in a # of installs for family and clients. Father has 1 I set up, has 3 wifi clients on 24/7 and about 4-5 wired PCs on 24/7.
Both have SPI and I believe both have inbound/outbound filtering as well. | |
| | 
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
1 edit | Re: SPI firewall? Hey Mboy can you test them for me.
Turn NAT off and see if the clients are still protected by the firewall. That is a better test than reading the marketing crap.
THe ZyXEL home routers P334W for example has an SPI firewall and the firewall does remain protecting when NAT is turned off. The buffalo makes good wifi but their core router features are nothing special, you would be better off to go with another router that does have SPI the
linksys wrt54GS.
MG, the P334W has a 225MIPS 175MHZ engine and IM sure the wrt54GS has the same or slightly higher guts, so I think your specs pertain to the wrt54G only. In any case from my knowledge yes, a working SPI firewall.
The test is throughput, both the P334W and Linksys wrt54GS have gobs of throughput with firewall turned off, easily 25Mbps plus............ With the firewall activated this drops to around 8Mbps. (price to pay for higher level packet inspection.)
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner" -
(Llama Works Equipment ) - | |
| 
Mei Guo Ren
join:2001-11-05
Silver Spring, MD
3 edits | The linksys WRT54GS uses a 200MHz Broadcom processor running Linux (2.4.5 kernel, I think) and it has an SPI firewall. If you look at a router's specifications or manual and it shows port forwarding and an ability to block specific ports, protocols, WAN IP addresses, it is probably SPI (statefull packet inspection). I've assumed that the linux-based ones are using IP Masquerading (NAT) and IP Tables firewall, since these are built into the kernel. If you get a linux-based router with open-source firmware/OS, you may be able use 3rd party firmware that gives you more features and options.
--
Addicted to Linux since 1998. | |
|
mboy
Premium
join:2001-04-13
Little Falls, NJ
1 edit | Can't test it, I use my Buffalo as an AP only. Have my Snapgear SG550 doing all of my routing and firewalling duties (yeah, that one does bridged firewalling among MANY other things).
How much is that Zywall you are talking about. The poster was talking about SOHO routers which can be had for $50.
Again, I paid $20 for my Buffalo.
I don't think your Zywall is in that (lower)class.
Actually, just took a peak at it. Seams pretty good, can be had for $100, bit is still significantly more then a Buffalo, Dlink etc (% wise).
I saw VPN mentioned, but I did not see anything about what type of encryptionj it offers.
Does it support WPA AES?
If it is in the original posters bugdget, it looks like a nice unit. | |
| coomarlin
join:2000-12-29
Morgantown, WV
| Well I picked up a Netgear WGR614 v5 from Staples today because it was cheap. $49.99-$20MIR=$29.99
It says it does double firewall NAT and SPI and also WPA. It's a 802.11g 54 router. I'm not planning on using the wireless portion of it right now, but maybe soon in the future I might. | |
| | | |
|
·
·