Router for VPN access
12 February 2003, 09:55 AM
#1
Scooby Regular
Thread Starter
Join Date: Sep 2002
Posts: 81
Likes: 0
Received 0 Likes
on
0 Posts
We have just set up a VPN server here at work and want to buy a Broadband router that will allow remote users to VPN onto us. I am getting confused over the VPN features of some routers, they say Single Session pass-through. Does that mean only one person can connect to us at a time or is it the other way around only 1 person can VPN out. We are using PPTP not IPsec.
Does anyone recommend a good ADSL Router, with built in Firewall and will allow at least 20 people to connect to us via VPN.
I just need a router to allow VPN access to our VPN server, i do not want it to control the VPN.
Thanks
[Edited by DarkMan - 12/2/2003 10:06:23 AM]
Does anyone recommend a good ADSL Router, with built in Firewall and will allow at least 20 people to connect to us via VPN.
I just need a router to allow VPN access to our VPN server, i do not want it to control the VPN.
Thanks
[Edited by DarkMan - 12/2/2003 10:06:23 AM]
02 December 2003, 11:01 AM
#2
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Something like this D Link router would probably do the job. Cisco do the 1701 ADSL router which would do a similar thing (although it costs a lot more than the D Link).
The biggest issue you will have is the power of your VPN server. If it is trying to maintain 20+ sessions that will need a fair amount of processing. That is why most systems now use hardware encryption modules which are faster than software based one versions. I would also limit the size of the tunnels (if you can) to ensure that all your users get reasonable access speeds.
Single session stuff would, I guess, be aimed at the home market rather than small corp stuff that you are talking about. There is a difference between passing sessions (IPsec traffic) through the router as opposed to terminating the VPN tunnel ON the router.
Chris
The biggest issue you will have is the power of your VPN server. If it is trying to maintain 20+ sessions that will need a fair amount of processing. That is why most systems now use hardware encryption modules which are faster than software based one versions. I would also limit the size of the tunnels (if you can) to ensure that all your users get reasonable access speeds.
Single session stuff would, I guess, be aimed at the home market rather than small corp stuff that you are talking about. There is a difference between passing sessions (IPsec traffic) through the router as opposed to terminating the VPN tunnel ON the router.
Chris
02 December 2003, 02:23 PM
#4
Scooby Regular
Join Date: Feb 2003
Posts: 747
Likes: 0
Received 0 Likes
on
0 Posts
VPN Pass thru on Broadband routers comes in many disguise
1) Single IPSec or PPTP VPN Pass-thru
2) Single IPSec/multi-sesh PPTP Pass-thru
3) Multi IPSec/PPTP Pass-thru - Sometimes called VPN-Server Pass Thru
Broadband & ADSL routers haven't really supported multi-session vpn Pass-thru due to the NAT engines were limited. However manufactures are starting to implement multi-sesh as development goes on. Off the top of my head, the ADSL router that I have been told that works is the ZyXEL 652H! ZyXEL say it supports both unlimited IPSec & PPTP sessions........well, the max is 1024 but I can't imagine anyone maxing that out because I am sure the word Cisco would be involved if someone had a requirement of 1024
The easiest way is to contact the manufacture of the router you are interested in
1) Single IPSec or PPTP VPN Pass-thru
2) Single IPSec/multi-sesh PPTP Pass-thru
3) Multi IPSec/PPTP Pass-thru - Sometimes called VPN-Server Pass Thru
Broadband & ADSL routers haven't really supported multi-session vpn Pass-thru due to the NAT engines were limited. However manufactures are starting to implement multi-sesh as development goes on. Off the top of my head, the ADSL router that I have been told that works is the ZyXEL 652H! ZyXEL say it supports both unlimited IPSec & PPTP sessions........well, the max is 1024 but I can't imagine anyone maxing that out because I am sure the word Cisco would be involved if someone had a requirement of 1024
The easiest way is to contact the manufacture of the router you are interested in
Thread
Thread Starter
Forum
Replies
Last Post
