dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2017
share rss forum feed

mslundy

join:2000-10-10
Fpo, AP

VPN-Capable Router?

I appear destined to place a 2nd router in FRONT of my Vonage-supplied WRTP54G VoIP router, as the latter seems incapable of permitting INCOMING VPN/PPTP traffic.

Can anyone suggest a decent but inexpensive router which "plays well with other" that would serve my purposes? Again, I have an XP VPN Server BEHIND my present router that I want to reach from a remote location. I can see going with a WIRED router and keeping the WRTP54G for the wireless portion of my home network, OR going with a Wireless (Lynksys??) device and using the Vonage device only for VoIP.

Suggestions, Please? Thanks.


DocLarge
Premium
join:2004-09-08
kudos:1

2 edits

FPO AP?? I'm stationed overseas also (London, UK). I keep forgetting I'm not the only military guy on the boards...

The first choice would be either the SMCBR14VPN (four port) or the SMCBR18VPN (eight port) Firewall Routers. Both of these units handle NAT-T, and pass GRE, to include allow you to run vpn tunnels and allow client logins at the same time (both units come with 5 builtin vpn clients that are compatible with the MS VPN clients with both MS-CHAPv1 and MS-CHAPv2 supported):

»www.smc.com/files/AP/DS_BR18VPN_EN.pdf

However, being you have a linksys Vonage router, you'll need a gateway router that can still do VPN tunnels, establish vpn client connections, "and" support Qos management while your Vonage router hangs off of one of its LAN ports. For this, you could use either the Dlink DI804HV (four port) or the Dlink DI808HV Firewall Routers. The Dlinks are essentially "the same routers" as the SMC's except for two differences (as mentioned by Ccbadd):

1) The Dlinks support Qos management
2) The builtin vpn clients on the Dlinks "do not" support MS-CHAPv2

Here's a link to give you additional information:

»www.dlink.com/products/?pid=59

I've already emailed SMC tech support to ask if there's anything in the works on enabling Qos management in what may be the last update for the SMCBR line due to "end of sale" for this product line drawing near.

In short, those are the options that I know of. All the routers listed can be had for under $100. Also, these routers have "Hella" features under their hoods for SOHO-SMB's for the price they're being offered for.

Give it a minute and there will be a few others who may have additional suggestions.

Doc


mslundy

join:2000-10-10
Fpo, AP

Thanks for the quick and detailed reply. The D-Link routers sound reasonable. I also spotted the Linksys WRT54G v4 or lower which has 3rd party firmware upgrades available. I am under the impression that these Linksys routers, upgraded or otherwise, are much more capable than the Vonage-enabled items. I believe they support Qos management as well.


DocLarge
Premium
join:2004-09-08
kudos:1

1 edit

Possibly, but that's "only" if the 3rd party upgrades come ready to support the "full" Vonage suite of functionality; otherwise, all you're going to get is additional routing functions (i.e., cron, pptp server, vlan, Qos management, etc...).

Vonage comes integrated with a few of the linksys routers; one in particular is the RT31P2, which I run behind either my Linksys WRV54G or my SMCBR18VPN router. I need Qos, so I've ordered the dlink di808hv. So, a majority of the vonage services are integrated with linksys for the time being...

The WRT54G has come to the end of the line do to firmware being changed over to Vxworks, which doesn't support the linux kernel anymore, so if you have to have a WRT54G, make sure it's V1 to V4.

Doc


mslundy

join:2000-10-10
Fpo, AP

Yes, the WRT54G v4 and earlier is getting hard to find, though the GS appears to be equivalent in terms of permitting firmware replacements. But, if the WRT54G handles incoming PPTP well, it might be the way to go. It would let me move all of the wireless off of the Vonage/WRTPG54G and leave the latter doing only VoIP work, with Qos management by the WRT54G. Or, I could dust off my old RT31P2 and re-register the MAC with Vonage. It was a trusty device.


ccbadd

join:2005-07-03
Corpus Christi, TX
reply to mslundy

The new GS's are VxWorx also. If you could find a V3 or earlier GS you would have plenty of room to run DDWRT with OpenVPN integrated. I have several of these routers but I have not tried adding OpenVPN because I have not found any information on what the overall impact on performance of other router functions are while a VPN session is active. I would just look for the DLink DI804HV. It goes for ~60.00 and works great for VPN functions. I am going to contact DLink about the MS-Chap V2 issue and hopefully it will be added soon.


mslundy

join:2000-10-10
Fpo, AP

Correct. Thanks. I meant the GL, which is still being sold and is upgradable.

After taking into consideration the suggestions offered here, I've decided to go with a wireless router. I'd rather have the clearly less-than-capable Vonage device behind my main router, and dedicated to VoIP. I'll use a better-equipped router for my networking. This raises a few more questions. Seems that I need a wireless router with:

1) Real VPN pass-through Capability
2) Qos management

The Linksys WRT54GL with 3rd party firmware looks likely.

The pricey D-Link DI-724U has Qos management, and PROBABLY good VPN capability, though the latter is not emphasized in the specs.

FWIW, I pulled out my old Netgear RP614 for testing purposes. It allowed the incoming PPTP/VPN connection w/o a complaint, so I don't think we're talking about high-end gear. The Netgear set me back all of $10 after rebate.

Sorry to be obsessive. I just don't want to keep buying routers that almost do what I need.


ccbadd

join:2005-07-03
Corpus Christi, TX
reply to mslundy

mslundy,

I have tried many of the third party firmwares for the WRT series and one thing that I have found is PPTP passthru worked fine but not L2TP or IPSec. I have posted questions about this several time and it really did not seem to be a priority to anyone. I now run Thibor 13c or 14 on all of my WRT routers and find it to be the most stable by far. I would still recommend the D-Link DI-804HV as the gateway router and set the QoS to provide priority to the WRTP54G for the SIP connection. QoS is very important for SIP phones especially when the device is behind a different NAT router.


mslundy

join:2000-10-10
Fpo, AP

So, the DI-804HV supports L2TP and IPSec, should I want that someday? Finally, is there a wireless version of the DI-804HV with all of the features you are touting? Thanks.


ccbadd

join:2005-07-03
Corpus Christi, TX
reply to mslundy

The L2TP and PPTP servers could be used instead of the Windows VPN server, but are not necessary. There is a wireless version, DI-824VUP but I have never used it so I am not sure if it shares all the features or not. I just assumed you would continue to use the WRTP54G for wireless and the DI-804HV as the gateway router.


DocLarge
Premium
join:2004-09-08
kudos:1
reply to mslundy

I can help with that

The dlink di-824vup does pretty much everything the di804hv does. Differences are:

1)di-824vup is wireless
2)di-824vup does "not" have Qos capability

Other than that, the di-824vup is just the wireless version of the di804hv, here's the emulator:

»support.dlink.com/emulators/di824vup/

Doc


mslundy

join:2000-10-10
Fpo, AP

So, do I need QoS capability? I am posted overseas and we use our Vonage line a LOT. Line quality is important. I'd rather not introduce problems by placing it behind a router w/o QoS capability, which seems designed to prevent such problems.

Sounds like I want a router not currently offered by D-Link. Which is why I seem -- in spite of recommendations in this thread -- to keep wondering about an upgraded Linksys WRT54GL. Or is the QoS really going to matter on a home network with one wired computer and three wireless ones, with my Palm TX jumping in for brief intervals?

In my way of viewing things, its silly to have to have a Cable Modem AND a Router AND a VoIP router. And aesthetically challenging. But, I can't see any way around it for now. I'll deal with the aesthetics. But I REALLY don't want to purchase one device only to find out I needed a DIFFERENT one. I don't have time for that.

Thanks for your patience.


mslundy

join:2000-10-10
Fpo, AP
reply to DocLarge

On further nag. I can't find any documentation that the DI-804HV supports QoS. At least not on the D-L site. Was that added in a firmware upgrade?


ccbadd

join:2005-07-03
Corpus Christi, TX
reply to mslundy

D-Link added QoS support for the DI-804HV/808HV with the latest firmware release, 1.43. I have had problems with my VOIP from time to time when I was not using QoS so you definitely want it! As far as the WRT54GL is concerned, before going to the DLink at my house, I had been using a WRT54GS with Thibor 14 firmware and QoS was working great. I just wanted to VPN capabilities in a router rather than software on my PC and the price for the router is less then the price for a good IPSec client software package for my PC.


mslundy

join:2000-10-10
Fpo, AP

Unlike the DI-804HV, which added QoS management in a 2/20/2006 firmware upgrade, the DI-824VUP does NOT appear to have added QoS (it's not listed among the firmware features), and the last firmware for the DI-824VUP was 7/31/2005. That's a long gap, but the recent release of the DI804HV firmware gives some hope that one with QoS may be forthcoming for the DI-824VUP. I've emailed DLink and will hope for a response.


mslundy

join:2000-10-10
Fpo, AP
reply to ccbadd

Well, I pulled the trigger and went with the DI-824VUP. Rationale: I want the same router providing my VPN support to handle all of the routing. Makes life simpler for me. I will shut down everything on the WRTP54G except the VoIP.

One user review indicated (wrongly? see »www.newegg.com/Product/Product.a···-yah00TT ) that the DI-824VUP has QoS support. Not sure if this person was mistaken or if D-Link slipped QoS into the 7/2005 firmware upgrade. A call to D-Link got me no answer, and I've had no reply from my email. It will take me about 10 days to get the router, upgrade the firmware and place it in service. I'll advise about the QoS status at that time. I'm hoping to be pleasantly surprised, or that D-Link will at least add it to a long-overdue firmware upgrade in the near future.

I just couldn't resist the VPN features of the DI-824VUP, and I wanted a wireless device. The wireless QoS D-Link offerings support only VPN pass-through. With the 824 I may be able to use AnthaVPN on my Palm TX for an IPSec VPN. That will be nice. Configuring it will probably be a pain. I've tested a PPTP VPN HotSync over the internet, and it worked. Perhaps I'll report success with a more robust VPN. Wish me luck. Thanks for the advice.


ccbadd

join:2005-07-03
Corpus Christi, TX

Good luck and please do report on your findings with the DI-824VUP. If you don't mind, what did it cost?


mslundy

join:2000-10-10
Fpo, AP

$120 + $9 Priority Mail shipping to my FPO address from TigerDirect. NewEgg wanted $20 for shipping.

Of interest, I found some references to QoS being added in to the DI-824VUP+ firmware, which is marketed outside of the US. Pages were in German & French, and translation was rough, but QoS seems to have definitely been added to that version. I'm hopeful...will keep you posted.


mslundy

join:2000-10-10
Fpo, AP
reply to ccbadd

Router arrived and I got it configured with more than the usual difficulty. Odd problems, such as corruption of the WPA PSA key when changing a completely unrelated aspect of the router settings. It does NOT have QoS, and the router's 4/2005 firmware refuses to accept the 7/2005 upgrade. D-Link finally replied to my serial emails from their support site, indicating they've no time-line for relase of new firmware, but admitting that several requests for updated firmware had been received and were being passed on for consideration. Good news is that the Vonage WRTP54G works fine behind the DI-824VUP. Now, to figure out how to actualy use the VPN features with my Palm TX...in another post.