2Wire modem and VPN set up - Canadian TV, Computing and Home Theatre Forums
LinkBack Thread Tools Search this Thread Display Modes

post #1 of 11 (permalink) Old 2009-04-15, 09:13 AM Thread Starter
Join Date: Nov 2005
Posts: 58
2Wire modem and VPN set up

Ok. I am not very well versed in networking, but I will try to explain. I have a 2 wire 2701HG-G router (sympatico service). I also have a Synology DS 209+ NAS. I want to be able to connect to my network when I am traveling. I was told that I need to set up a VPN and the 2wire does not support this. What would I need to set this up? another VPN router in addition to the 2wire? I am using windows XP.

denaliman is offline  
Sponsored Links
post #2 of 11 (permalink) Old 2009-04-15, 12:07 PM
Join Date: Mar 2009
Posts: 93
Best option with the least amount of hassle:

- get a router that can be flashed with the dd-wrt firmware, wrt54gl is one of them
- flash it with the VPN version of the dd-wrt firmware
- enable the openVPN server on the router, there is a twiki for this, google will find it
- install openVPN on your laptop and follow the twiki for configuring it
- add a port forward on your router to forward incoming requests on the port you assign for your VPN

There are software only options available, but frankly I find the hardware VPN server the most hassle free. Mine has been running for a couple years now with zero issues.
repatch is offline  
post #3 of 11 (permalink) Old 2009-04-15, 04:32 PM
Join Date: Oct 2003
Location: Oakville
Posts: 528
Repatch is on the money: a hardware solution is best. I have been using OpenVPN for years.

If that's not possible, practical, or whatever...then try a software solution. Microsoft is getting good reviews for its Windows Live Mesh: I'm test-driving it. Very slick, great for mobile computing, and free. You just need a Windows Live ID (register to get one).

Check it out here: www.mesh.com
jpaik is offline  
post #4 of 11 (permalink) Old 2009-04-15, 05:39 PM Thread Starter
Join Date: Nov 2005
Posts: 58
Thanks. I will look into the hardware. Cisco or DLink which is better?
denaliman is offline  
post #5 of 11 (permalink) Old 2009-04-19, 10:35 AM Thread Starter
Join Date: Nov 2005
Posts: 58
Another question. What would be the difference between the wrt45GL router with DD-WRT flashed and a router that is VPN capable out of the box. I see that some routers are specifically manufactured for VPN. Is the flashed version of the wrt65gl essentially the same or is there some hardware installed in the "out of the box" VPN routers that make them different/superior?

denaliman is offline  
post #6 of 11 (permalink) Old 2009-04-19, 11:35 AM
Join Date: Mar 2009
Posts: 93
There is no special hardware.

FWIW the routers with VPN servers tend to me more trouble then their worth IMHO. They're difficult to setup, some don't even include full versions of the necessary of the VPN clients. Never mind the fact that they're more expensive then a WRT54GL or equivalent.
repatch is offline  
post #7 of 11 (permalink) Old 2009-04-19, 11:39 AM Thread Starter
Join Date: Nov 2005
Posts: 58
Thanks. So the VPN specific routers are just firmware and no special hardware. So I guess you are just paying extra for the firmware/software. Good to know. I was hoping to get a wireless N version. Will the N be faster that the G? or is this still out for debate, marketing hype?
denaliman is offline  
post #8 of 11 (permalink) Old 2009-05-06, 11:39 PM
Join Date: Jul 2005
Posts: 98
Okay, I think there needs to be another opinion added here.

First of all, I feel it is, in many cases, inaccurate to say that there are basically no differences between something like
OpenVPN versus router/firewalls with VPN functionality built into the them.

I can tell you from experience having sold and configured that gear (most notably Zyxel), that there are some
significant differences in some of the gear (and no, not just the very high-end gear.) The Zyxel (and other)
models I sold, as well as other low to mid-priced brands had a built-in hardware co-processor to process VPN
traffic, thereby taking the load off the main CPU. Of course, this doesn't apply to all of the very cheapest
consumer grade models.

That co-processor was essential for situations in which VPN traffice was moderate to heavy. I can't say for sure,
but I don't believe older PC CPU (unless it's dedicated only to that task) would be up to the task.

Second of all, you get phone support via some of the vendors. I'm sorry, but setting up a properly configured
(IPSEC) VPN is not always as easy as it looks, though the open source software definitely is a big improvement.

Also, don't underestimate the convenience of having VPN server/endpoint and firewall router all in the same box
and IP address. It's a great convenience, from my experience. Of course, I know security folks
will tell me that's just bad policy security-wise.

Finally, taking a brief glance at OpenVPN's HOWTO, I just can't see someone without intermediate-level networking
knowledge setting that up. If I'm misled, great-please show me a link so I can inform others.

brainer is offline  
post #9 of 11 (permalink) Old 2009-05-07, 12:12 AM
Join Date: Mar 2009
Posts: 93

If you read the thread you'd notice that most of us ARE recommending a "hardware" solution, OpenVPN is supported in DDWRT, which is the firmware running on routers that support it.

Yes, there is no "coprocessor" support, but frankly it isn't needed in a consumer environment. I easily saturate my broadband connection over my VPN, and the processor on the server isn't anywhere near a load of 1 while doing it.

When you flash a router with DDWRT (or other solutions) what you get is an "all in one" VPN/router/firewall solution.

My assertion was that in my experience I found routers based on OpenVPN EASIER to get working then "commercial" consumer VPN routers. Tech support? Frankly, I'd prefer a solution that didn't require a call to tech support at all, and if you follow the twiki on DD-WRTs website you won't need any help, it's VERY straightforward to get going.

On the client side it's a pure software solution, but of course for many users that's what they want, they want their laptop connecting to their home network over an insecure link, this solution is perfect for that. IF you need a more permanent type link, get a second DD-WRT router and configure it's OpenVPN stack to be client, pretty much as easy to setup as the software solution.
repatch is offline  
post #10 of 11 (permalink) Old 2009-05-07, 07:41 AM Thread Starter
Join Date: Nov 2005
Posts: 58
On the advice of my I.T. contractor I purchased a Snapgear VPN/firewall. It is not installed yet. Should be complete next week. Thanks to all for the advice. I still like the DDWRT solution, but the few local network guys I discussed this with were not aware of this solution and all advised to go the route of a dedicated VPN/firewall appliance.
denaliman is offline  
post #11 of 11 (permalink) Old 2010-08-14, 04:32 PM
Join Date: Jul 2005
Posts: 98
Jeez, I thought Snapgear went out of business
years ago. They were on of the earlier router mfgrs.
who actually admitted they were using Linux-based
OS/routing software.

A decent choice. Is support included or separate?

brainer is offline  

Quick Reply

Register Now

In order to be able to post messages on the Canadian TV, Computing and Home Theatre Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Please enter a password for your user account. Note that passwords are case-sensitive.


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:


Thread Tools Search this Thread
Show Printable Version Show Printable Version
Email this Page Email this Page
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

For the best viewing experience please update your browser to Google Chrome