Router for VPN access
Thread Starter
Scooby Regular
Joined: Sep 2002
Posts: 81
Likes: 0
We have just set up a VPN server here at work and want to buy a Broadband router that will allow remote users to VPN onto us. I am getting confused over the VPN features of some routers, they say Single Session pass-through. Does that mean only one person can connect to us at a time or is it the other way around only 1 person can VPN out. We are using PPTP not IPsec.
Does anyone recommend a good ADSL Router, with built in Firewall and will allow at least 20 people to connect to us via VPN.
I just need a router to allow VPN access to our VPN server, i do not want it to control the VPN.
Thanks
[Edited by DarkMan - 12/2/2003 10:06:23 AM]
Does anyone recommend a good ADSL Router, with built in Firewall and will allow at least 20 people to connect to us via VPN.
I just need a router to allow VPN access to our VPN server, i do not want it to control the VPN.
Thanks
[Edited by DarkMan - 12/2/2003 10:06:23 AM]
Scooby Regular
Joined: May 2000
Posts: 10,371
Likes: 0
From: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Something like this D Link router would probably do the job. Cisco do the 1701 ADSL router which would do a similar thing (although it costs a lot more than the D Link).
The biggest issue you will have is the power of your VPN server. If it is trying to maintain 20+ sessions that will need a fair amount of processing. That is why most systems now use hardware encryption modules which are faster than software based one versions. I would also limit the size of the tunnels (if you can) to ensure that all your users get reasonable access speeds.
Single session stuff would, I guess, be aimed at the home market rather than small corp stuff that you are talking about. There is a difference between passing sessions (IPsec traffic) through the router as opposed to terminating the VPN tunnel ON the router.
Chris
The biggest issue you will have is the power of your VPN server. If it is trying to maintain 20+ sessions that will need a fair amount of processing. That is why most systems now use hardware encryption modules which are faster than software based one versions. I would also limit the size of the tunnels (if you can) to ensure that all your users get reasonable access speeds.
Single session stuff would, I guess, be aimed at the home market rather than small corp stuff that you are talking about. There is a difference between passing sessions (IPsec traffic) through the router as opposed to terminating the VPN tunnel ON the router.
Chris
Scooby Regular
Joined: Feb 2003
Posts: 747
Likes: 0
VPN Pass thru on Broadband routers comes in many disguise
1) Single IPSec or PPTP VPN Pass-thru
2) Single IPSec/multi-sesh PPTP Pass-thru
3) Multi IPSec/PPTP Pass-thru - Sometimes called VPN-Server Pass Thru
Broadband & ADSL routers haven't really supported multi-session vpn Pass-thru due to the NAT engines were limited. However manufactures are starting to implement multi-sesh as development goes on. Off the top of my head, the ADSL router that I have been told that works is the ZyXEL 652H! ZyXEL say it supports both unlimited IPSec & PPTP sessions........well, the max is 1024 but I can't imagine anyone maxing that out because I am sure the word Cisco would be involved if someone had a requirement of 1024
The easiest way is to contact the manufacture of the router you are interested in
1) Single IPSec or PPTP VPN Pass-thru
2) Single IPSec/multi-sesh PPTP Pass-thru
3) Multi IPSec/PPTP Pass-thru - Sometimes called VPN-Server Pass Thru
Broadband & ADSL routers haven't really supported multi-session vpn Pass-thru due to the NAT engines were limited. However manufactures are starting to implement multi-sesh as development goes on. Off the top of my head, the ADSL router that I have been told that works is the ZyXEL 652H! ZyXEL say it supports both unlimited IPSec & PPTP sessions........well, the max is 1024 but I can't imagine anyone maxing that out because I am sure the word Cisco would be involved if someone had a requirement of 1024
The easiest way is to contact the manufacture of the router you are interested in
Thread
Thread Starter
Forum
Replies
Last Post
