adsl modem + router for vpn use.

Archived from groups: alt.internet.wireless (More info?)

Hi Guys,

Need some help & suggestions. I'm expanding the home connectivity & need to
go wireless now. I've been told to get Netgear's DG834G wireless adsl modem
+ router but have seen conflicting product reports/reviews & it doesn't seem
to work on VPN connections which i crucially need. I've even got a work
colleague test the VPN connection from her own DG834 which she has at home &
indeed, it failed to connect to the office.

Any suggestions or recommendations for a wireless adsl modem + router that
works well with VPN connections?

Thanks.

run.
12 answers Last reply
More about adsl modem router
  1. Archived from groups: alt.internet.wireless (More info?)

    If you are wantiing to connect to your house or office through a vpn
    you need a router that has vpn endpoint.
    Netgear makes some and they also have vpn client software.
    The dg834g supports only vpn passthrough.


    "run" <run@localtime> wrote in message
    news:1100780019.11559.0@nnrp-t71-02.news.clara.net...
    > Hi Guys,
    >
    > Need some help & suggestions. I'm expanding the home connectivity &
    need to
    > go wireless now. I've been told to get Netgear's DG834G wireless
    adsl modem
    > + router but have seen conflicting product reports/reviews & it
    doesn't seem
    > to work on VPN connections which i crucially need. I've even got a
    work
    > colleague test the VPN connection from her own DG834 which she has
    at home &
    > indeed, it failed to connect to the office.
    >
    > Any suggestions or recommendations for a wireless adsl modem +
    router that
    > works well with VPN connections?
    >
    > Thanks.
    >
    > run.
    >
    >
    >
    >
  2. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 18 Nov 2004 12:13:37 -0000, "run" <run@localtime> wrote:

    >Need some help & suggestions. I'm expanding the home connectivity & need to
    >go wireless now. I've been told to get Netgear's DG834G wireless adsl modem
    >+ router but have seen conflicting product reports/reviews & it doesn't seem
    >to work on VPN connections which i crucially need. I've even got a work
    >colleague test the VPN connection from her own DG834 which she has at home &
    >indeed, it failed to connect to the office.

    Duz your VPN use IPSec, PPPTP, L2TP, or other tunneling protocol? The
    router has to support "VPN pass thru" for every protocol you use.

    How many tunnels are you running at one time? Many routers support
    only one or two simultaneous tunnels.

    Are you using some VPN protocol that encapsulates and authenticates
    the entire packet instead of just the payload? AH won't work, ESP
    will. If so, none of the NAT routers will work because changing the
    header IP from a WAN IP to a NAT IP will appear as packet tampering.

    Are you using Crypto IP (CIPE)?

    >Any suggestions or recommendations for a wireless adsl modem + router that
    >works well with VPN connections?

    Nope. I don't suggest using conglomerated solutions even if they are
    cheaper. I suggest you get a seperate ADSL modem ($30 on eBay), a
    seperate wired router that is known to work with your office VPN
    (about $80), and a seperate wireless access point ($60). The idea is
    that all the wires tend to come together at the router makiing a big
    wiring mess best hidden under a desk. However, the wireless part
    wants to have a good view of the house. These requirements are
    incompatible in a single box. Therefore, I suggest a "component"
    system instead of a conglomerated duz-it-all box.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  3. Archived from groups: alt.internet.wireless (More info?)

    Jeff, your just full of knowledge. Can I download your brain.

    Would you please explain router vpn endpoints and passthroughs in some
    detail.

    Lets say for number 1.
    I am using wireless at home and I want to use a vpn to a router. ( I
    read an earlier post of yours)
    What does my router need to have?


    Number 2
    I am sitting in a hotspot drinking a beer and I want to access my home
    via vpn.
    What does my router need to have?

    Number 3
    Do I actually have to have a vpn client sofware or can windoze be
    configured in itself.
    This question applies to win 2000, XPpro and XPhome


    "Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
    news:03opp0pepogfac7vds7iqfolnu8o3673k5@4ax.com...
    > On Thu, 18 Nov 2004 12:13:37 -0000, "run" <run@localtime> wrote:
    >
    > >Need some help & suggestions. I'm expanding the home connectivity &
    need to
    > >go wireless now. I've been told to get Netgear's DG834G wireless
    adsl modem
    > >+ router but have seen conflicting product reports/reviews & it
    doesn't seem
    > >to work on VPN connections which i crucially need. I've even got a
    work
    > >colleague test the VPN connection from her own DG834 which she has
    at home &
    > >indeed, it failed to connect to the office.
    >
    > Duz your VPN use IPSec, PPPTP, L2TP, or other tunneling protocol?
    The
    > router has to support "VPN pass thru" for every protocol you use.
    >
    > How many tunnels are you running at one time? Many routers support
    > only one or two simultaneous tunnels.
    >
    > Are you using some VPN protocol that encapsulates and authenticates
    > the entire packet instead of just the payload? AH won't work, ESP
    > will. If so, none of the NAT routers will work because changing the
    > header IP from a WAN IP to a NAT IP will appear as packet tampering.
    >
    > Are you using Crypto IP (CIPE)?
    >
    > >Any suggestions or recommendations for a wireless adsl modem +
    router that
    > >works well with VPN connections?
    >
    > Nope. I don't suggest using conglomerated solutions even if they
    are
    > cheaper. I suggest you get a seperate ADSL modem ($30 on eBay), a
    > seperate wired router that is known to work with your office VPN
    > (about $80), and a seperate wireless access point ($60). The idea
    is
    > that all the wires tend to come together at the router makiing a big
    > wiring mess best hidden under a desk. However, the wireless part
    > wants to have a good view of the house. These requirements are
    > incompatible in a single box. Therefore, I suggest a "component"
    > system instead of a conglomerated duz-it-all box.
    >
    >
    > --
    > Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    > 150 Felker St #D http://www.LearnByDestroying.com
    > Santa Cruz CA 95060 AE6KS 831-336-2558
  4. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 18 Nov 2004 13:01:37 -0600, "Airhead"
    <campbell@alliancecable.net> wrote:

    >Can I download your brain.

    No.

    >Would you please explain router vpn endpoints and passthroughs in some
    >detail.

    Ummm... No. I'm late for lunch. Too many VPN options, variations,
    mutations, standards, incompatibilies, techniques, topologies, and
    acronyms.

    >Lets say for number 1.
    >I am using wireless at home and I want to use a vpn to a router. ( I
    >read an earlier post of yours)
    >What does my router need to have?

    You need a router that will terminate a VPN tunnel. These are
    commonly called "VPN routers" (duh) and are quite different from
    routers offering "VPN pass thru" or "VPN tunnel support". I think I
    listed some likely candidates. I've used Sonicwall, Watchguard,
    Linksys, Cisco, and others. As always, I'm not a big fan of
    conglomerating the router and the wireless, so I suggest you look for
    seperate boxes.

    There's also a security issue. If you setup a VPN tunnel from your
    computah to your own router, but your computah is compromised by a
    worm, virus, or trojan, it's easy enough for an attacker to go around
    the tunnel and run your computah by remote control.

    There's a similar issue if you have a VPN router, and use it to
    *INITIATE* a VPN session into a corporate LAN through a VPN tunnel.
    This has the advantage of allowing all the computers on your LAN to
    play VPN without adding any additional software to each computah.
    Unfortunately, it also allows unauthenticated computers into the
    corporate LAN via your VPN router. If one of the kids computahs has
    been compromised, they have instant access to the corporate LAN.

    >Number 2
    >I am sitting in a hotspot drinking a beer and I want to access my home
    >via vpn.
    >What does my router need to have?

    IPSec VPN client software. I'm using the Cisco IPSec client, Safenet,
    and some others. The IPSec client is bundled with XP, and is
    available for 2000 etc.
    http://www.microsoft.com/technet/community/columns/cableguy/cg0502.mspx
    http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/l2tpclient.asp
    http://www.wown.com/pages/search.asp?query=vpn&x=0&y=0 many articles

    Oh cool. An update to fix what XP SP2 broke:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;818043

    Incidentally, ignore anything that reeks of PPTP.

    Search google for VPN client software. When you get it together, and
    you have a VPN router at your house, and you have a dynamic DNS
    provider so you find your home IP address, you will have access to
    your home LAN almost exactly as if you were plugged directly into the
    LAN side of your home router (including a LAN side NAT assigned IP
    address).

    >Number 3
    >Do I actually have to have a vpn client sofware or can windoze be
    >configured in itself.
    >This question applies to win 2000, XPpro and XPhome

    Self configuring? Surely you jest. You gotta screw around with
    arcane acroynms, cryptic values, and incomprehensible instructions.
    Search google for "xp vpn setup" and notice how many universities and
    libraries have canned setups for licensed VPN clients. If you think
    setting up a wireless router is a thrill, wait until you dive into the
    myriad of options and choices available in an IPSec VPN.

    Besides, if it were easy, it would be no fun.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  5. Archived from groups: alt.internet.wireless (More info?)

    Thanks for the lecture


    "Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
    news:vvupp0dd3eggemn3vuh29ml66skubrd7ri@4ax.com...
    > On Thu, 18 Nov 2004 13:01:37 -0600, "Airhead"
    > <campbell@alliancecable.net> wrote:
    >
    > >Can I download your brain.
    >
    > No.
    >
    > >Would you please explain router vpn endpoints and passthroughs in
    some
    > >detail.
    >
    > Ummm... No. I'm late for lunch. Too many VPN options, variations,
    > mutations, standards, incompatibilies, techniques, topologies, and
    > acronyms.
    >
    > >Lets say for number 1.
    > >I am using wireless at home and I want to use a vpn to a router.
    ( I
    > >read an earlier post of yours)
    > >What does my router need to have?
    >
    > You need a router that will terminate a VPN tunnel. These are
    > commonly called "VPN routers" (duh) and are quite different from
    > routers offering "VPN pass thru" or "VPN tunnel support". I think I
    > listed some likely candidates. I've used Sonicwall, Watchguard,
    > Linksys, Cisco, and others. As always, I'm not a big fan of
    > conglomerating the router and the wireless, so I suggest you look
    for
    > seperate boxes.
    >
    > There's also a security issue. If you setup a VPN tunnel from your
    > computah to your own router, but your computah is compromised by a
    > worm, virus, or trojan, it's easy enough for an attacker to go
    around
    > the tunnel and run your computah by remote control.
    >
    > There's a similar issue if you have a VPN router, and use it to
    > *INITIATE* a VPN session into a corporate LAN through a VPN tunnel.
    > This has the advantage of allowing all the computers on your LAN to
    > play VPN without adding any additional software to each computah.
    > Unfortunately, it also allows unauthenticated computers into the
    > corporate LAN via your VPN router. If one of the kids computahs has
    > been compromised, they have instant access to the corporate LAN.
    >
    > >Number 2
    > >I am sitting in a hotspot drinking a beer and I want to access my
    home
    > >via vpn.
    > >What does my router need to have?
    >
    > IPSec VPN client software. I'm using the Cisco IPSec client,
    Safenet,
    > and some others. The IPSec client is bundled with XP, and is
    > available for 2000 etc.
    >
    http://www.microsoft.com/technet/community/columns/cableguy/cg0502.msp
    x
    >
    http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/
    l2tpclient.asp
    > http://www.wown.com/pages/search.asp?query=vpn&x=0&y=0 many
    articles
    >
    > Oh cool. An update to fix what XP SP2 broke:
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;818043
    >
    > Incidentally, ignore anything that reeks of PPTP.
    >
    > Search google for VPN client software. When you get it together,
    and
    > you have a VPN router at your house, and you have a dynamic DNS
    > provider so you find your home IP address, you will have access to
    > your home LAN almost exactly as if you were plugged directly into
    the
    > LAN side of your home router (including a LAN side NAT assigned IP
    > address).
    >
    > >Number 3
    > >Do I actually have to have a vpn client sofware or can windoze be
    > >configured in itself.
    > >This question applies to win 2000, XPpro and XPhome
    >
    > Self configuring? Surely you jest. You gotta screw around with
    > arcane acroynms, cryptic values, and incomprehensible instructions.
    > Search google for "xp vpn setup" and notice how many universities
    and
    > libraries have canned setups for licensed VPN clients. If you think
    > setting up a wireless router is a thrill, wait until you dive into
    the
    > myriad of options and choices available in an IPSec VPN.
    >
    > Besides, if it were easy, it would be no fun.
    >
    >
    > --
    > Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    > 150 Felker St #D http://www.LearnByDestroying.com
    > Santa Cruz CA 95060 AE6KS 831-336-2558
  6. Archived from groups: alt.internet.wireless (More info?)

    Thanks guys.... i wasn't expecting a lecture but now i'll have to do my
    homework & hope to get an A grade base on the stuff mentioned here.

    I'll look into a 'component' set as suggested Jeff. Thanks a million.

    run.


    "run" <run@localtime> wrote in message
    news:1100780019.11559.0@nnrp-t71-02.news.clara.net...
    > Hi Guys,
    >
    > Need some help & suggestions. I'm expanding the home connectivity & need
    to
    > go wireless now. I've been told to get Netgear's DG834G wireless adsl
    modem
    > + router but have seen conflicting product reports/reviews & it doesn't
    seem
    > to work on VPN connections which i crucially need. I've even got a work
    > colleague test the VPN connection from her own DG834 which she has at home
    &
    > indeed, it failed to connect to the office.
    >
    > Any suggestions or recommendations for a wireless adsl modem + router that
    > works well with VPN connections?
    >
    > Thanks.
    >
    > run.
    >
    >
    >
    >
  7. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 18 Nov 2004 22:20:37 -0000, "run" <run@localtime> wrote:

    >Thanks guys.... i wasn't expecting a lecture but now i'll have to do my
    >homework & hope to get an A grade base on the stuff mentioned here.

    I'll have a quiz prepared when you get back. One thing that wasn't
    clear is that we are talking about two different types of router
    features for VPN.

    One is VPN "pass thru" which most routers support (to varying
    degrees). This requires VPN client software on your computah.

    The other is a "VPN router" that can initiate or terminate a VPN
    tunnel, without any additional software on the clients.

    >I'll look into a 'component' set as suggested Jeff. Thanks a million.

    A million whats? Dollars? Paypal to email address below will work.
    Or just mail me a cheque. Thanks much in advance.


    --
    # Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
    # 831.336.2558 voice http://www.LearnByDestroying.com
    # jeffl@comix.santa-cruz.ca.us
    # 831.421.6491 digital_pager jeffl@cruzio.com AE6KS
  8. Archived from groups: alt.internet.wireless (More info?)

    run <run@localtime> wrote:
    > Thanks guys.... i wasn't expecting a lecture but now i'll have to do my
    > homework & hope to get an A grade base on the stuff mentioned here.

    > I'll look into a 'component' set as suggested Jeff. Thanks a million.

    Recapping, since this broke into two completely separate topics.
    1:
    If you need to connect your laptop at home through a wireless router to a
    corporate VPN server, you use the vpn client they gave to you , or provided
    canned instructions for. You should be able to use almost any router.
    I have used SMC, Netgear and Linksys.
    If you wanted more than one computer to "tunnel" at the same time, you
    might need to be cautious, but the Linksys and SMC will at least do two
    simultaneously.

    #1 is simple, people do it all the time without even considering how
    difficult it may or may not be.


    2:
    You want to connect your wirless laptop to a VPN "somewhere" so that the
    wireless portion of your connection is more secure.
    hotspotvpn offers such as service for $8.99 per month.

    3:
    You want to connect from the internet to your home, using VPN (a home
    version of what a lot of people do toward work). Jeff suggests some real
    equipment. SMC offers some <$100 routers that act as VPN endpoints.
    WinXP-SP2 might work on the home server.

    4:
    You want to connect wirelessly from your laptop to you router, as a way of
    securing the wireless portion of the connection. Dunno. I think the SMC
    might do that.

    5:
    You want your router to establish the VPN connection to some other place,
    so that everything on your network is on the same VPN as the network at the
    remote end. Sonicwall.

    ---
    Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
  9. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:

    > Oh cool. An update to fix what XP SP2 broke:
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;818043

    Although that's dated November 12, 2004, the elements of it seem to be
    included with WinXP-SP2. They offer a download for Win2000, and a pointer
    to the WinXP-SP2 as a way to implement the changes.

    The binaries that are listed are dated April 2003.

    ---
    Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
  10. Archived from groups: alt.internet.wireless (More info?)

    On Thu, 18 Nov 2004 23:58:39 +0000 (UTC),
    dold@XReXXadslX.usenet.us.com wrote:

    >Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
    >
    >> Oh cool. An update to fix what XP SP2 broke:
    >> http://support.microsoft.com/default.aspx?scid=kb;en-us;818043
    >
    >Although that's dated November 12, 2004, the elements of it seem to be
    >included with WinXP-SP2. They offer a download for Win2000, and a pointer
    >to the WinXP-SP2 as a way to implement the changes.
    >
    >The binaries that are listed are dated April 2003.

    Oops and thanks. I didn't have time to take it apart. Note that this
    is revision 15 of the VPN update. I was hopeing that this was a fix
    for some of the VPN related oddities I was having with XP SP2, but
    apparently not. MS did fix the loopback problem:
    http://support.microsoft.com/default.aspx?kbid=884020
    but I was still seeing some weird problems. Meanwhile, at least two
    vendors have issued updates to their VPN clients that seem to have
    fixed or bypassed the problem, so I'm not sure it was all XP SP2
    fault.
    http://www.peterprovost.org/archive/2004/08/12/1754.aspx


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  11. Archived from groups: alt.internet.wireless (More info?)

    Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
    >>> Oh cool. An update to fix what XP SP2 broke:
    >>> http://support.microsoft.com/default.aspx?scid=kb;en-us;818043

    > Oops and thanks. I didn't have time to take it apart. Note that this
    > is revision 15 of the VPN update. I was hopeing that this was a fix

    I encountered a dreadful slowdown, useless system, on Win2000 with Nortel
    Contivity VPN client after applying MS04-11
    http://support.microsoft.com/default.aspx?kbid=841382
    This would happen any time I made certain changes to TCP, like adding a new
    WiFi card. I could cure it by uninstalling and reinstalling Contivity, but
    that sometimes took an hour, the system was so slow.

    When I read the workaround, I thought that they were suggesting that I
    disable VPN, but on second read, I think it might not have disabled
    Contivity, which was the only VPN or IPSec that I was using.
    Too late though. I applied the hotfix, which cured the slowdown, but now I
    could not renew an address when changing wired networks. I had to reboot.

    I tried reloading win2000, but the release/renew problem still was there,
    so I upgraded tow WinXP. Actually I did a fresh install. The Contivity
    client continued to work, right through SP2.

    I haven't used anything but Contivity on SP2. I had previously used
    SonicWall, Checkpoint, Cisco and "standard" Windows IPSec on Win2000.

    I've been tinking about using my SMC as a VPN endpoint to come back "home"
    while on the road, but I see that it has IPSec and PPTP. I saw you mention
    PPTP in ill manner in this thread. I wonder why? I think that's what we
    used on the Sonicwall, linking the different offices together, with
    Sonicwall in each office.
    http://www.smc.com/files/AH/7004WFW_VPN_QIG_US.pdf

    --
    ---
    Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
  12. Archived from groups: alt.internet.wireless (More info?)

    On Sat, 20 Nov 2004 19:22:43 +0000 (UTC),
    dold@XReXXadslX.usenet.us.com wrote:

    >I've been tinking about using my SMC as a VPN endpoint to come back "home"
    >while on the road, but I see that it has IPSec and PPTP.

    Model number please? The SMC Barricade Plus series will terminate
    either an IPSec or PPTP tunnel and qualifies as a "VPN router".

    >I saw you mention
    >PPTP in ill manner in this thread. I wonder why?

    Even Microsloth no longer supports PPTP and switched to first pushing
    L2TP and then IPSec. I still service some legacy NT4 servers
    terminating a PPTP VPN. Mysterious hangs, lousy performance, failure
    to release IP addresses on disconnect, and other oddities are my main
    issues. There were also some problems with PPTP hanging when bringing
    up programs that access the ethernet card. I guess(tm) that the
    security PPTP offers is good enough, but probably not up to current
    standards. The only reason anyone uses it is that the client comes
    free with older Windoze mutations. Not recommended.

    >I think that's what we
    >used on the Sonicwall, linking the different offices together, with
    >Sonicwall in each office.
    >http://www.smc.com/files/AH/7004WFW_VPN_QIG_US.pdf

    Yeah, that's it. No personal experience with the box. PPTP has the
    advantage in that the older Windoze mutations have a PPTP client
    included. It appears that you can mix different types of VPN types
    with the Barricade Plus. Sonicwall SOHO and TELE boxes do only IPSec,
    so you may have been using a mixture. Dunno.

    If you have a Barricade Plus router, methinks it should work just fine
    for calling home securely. However, I would suggest you use IPSec
    instead of PPTP.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
Ask a new question

Read More

Wireless Routers VPN Wireless Networking