We are faced with a situation where our client wants us to switch from using VPN client software on individual workstations to setting up a lan-2-lan VPN link (IPSec with preshared key and 3DES encryption). My question is how do we determine if the VPN router that I select will be able to handle the workload and will not become a bottleneck. Currently, we have about 25 users connecting to the client's transaction system using Microsoft's Remote Desktop Client. The number of users may go up to 45 during peak time.
The question is how do I choose between such a varied range of VPN capable routers starting at under $100 and going to $2000+ from Cisco, etc. Can I consider routers from Linksys (RV082, etc), NetGear, Netopia or do I have to look at Nortel, Juniper, Cisco, etc.?
As a small business, we are always looking for value for money... so any insight is greatly appreciated.
If you want a good cost/benifit ratio I'd go for netgear buisness line vpn routers.
How large is your internet pipe? That can sort of determine which router to buy. If you only have a T1 or lower speed broad band connection you may only need a netgear FVS318 as it can only do about 2Mbps 3DES throughput. If you have a higher speed connection you may want to consider a higher end FVS338 that has about 60Mbps 3DES throughput. I believe the FVS318 is around $100 and the FVS338 is around $150. The extra $50 is probably worth it to go up to the FVS338. Just get one of those for each site and you should be good to go
If you have a larger budget or are more worried about security than the price tag put a Cisco PIX at both sites. The 501 will do 3Mbps 3DES, the 515 will do 63Mbps, and the 525 will do 155Mbps.
501 - about $400-$500 depending on licensing
515 - about $5,500
525 - $10,000+
We use dsl which is about 1.5mbps so we should be good for these routers. Does that mean, to size the routers the internet pipe is the key and not necessarily the number of users we have?
Plus, how does the Linksys RV042 or RV082 match up to the Netgear routers? The reason I ask is that these support dual WAN ports which will allow us to use a backup broadband connection in case of any failures.
Putting 45 people through a 1.5Mbps connection will be the main bottleneck. This will especially be the case if you have adsl, your download may be 1.5Mbps but the upload will be 256Kbps or less. Any of these routers should be able to handle that many people easily in a site to site config.
The RV082 looks like a pretty promising choice. It is sort of inbetween the netgear FVS124G and the FVX538, both of which have dual wan. I found a couple reviews that talk about dns and nat problems in the firmware relating to the dual wan but they wern't very recent.
The FVS124G can do around 2Mbps 3DES for about $125, the RV082 can do at least 20Mbps 3DES for about $260, and the FVX538 can do around 100Mbps 3DES for about $340.
If the RV082 is a reasonable price and easy to get a hold of for you then go for it. Especially if it is avaliable locally, if it turns out to suck returning it is much easier
Great, thanks for giving me more choices. The pipe should not be a problem as we are already working using the VPN client on individual workstations with the same pipe. I just wanted to make sure that switching to hardware based VPN will not be a bottleneck.
Between, Linksys and Netgear, if i am looking at identical models (something like RV082) is one better than the other? I have heard netgear is a very good product, but is weak on technical support.
I have not had the pleasure of dealing with the netgear or linksys tech support yet but I have also heard some bad things about the netgear support.
I have seen many home grade netgear equipment die but never a buisness line. My neighbor is using my old 10baseT 4 port hub from netgear and it works just fine
I have also never seen a dead linksys product or had major issues with one. Though I have never put a linksys into enterprise level use, I have several netgears doing large tasks.
For buisness use my personal preference would lean towards the netgear.
please have a look on Nortel VPN box 1100 as well it will will you ADSL,V.35,v.90 and ISDN interfaces as well as backup option with 4 10/100 ports on private side and 1 10/100 on public for router ethernet connectivity. it has buitl in firewall (statful), Bandwidth management and QoS as well, 30 VPN tunnels with advance routing licence (BGP, OSPF) support. for further details please see the www.nortel.com/products