Recommendations for a new main router - Page 2 - Canadian TV, Computing and Home Theatre Forums
 1Likes
Reply
 
LinkBack Thread Tools Search this Thread Display Modes

post #16 of 33 (permalink) Old 2015-08-10, 09:05 AM
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 8,436
There are basically two issues with putting the VPN on the main router. One is performance. An encrypted VPN uses a lot of CPU power so high VPN use it can impact devices that don't need the VPN. The other is location. If the VPN is connected to a workplace or other location, devices that need the local location will be impacted. For example, Canadian services might not work properly if the VPN server is located in the US or you might not want some personal data to go through that location.

Quote:
how would my wired devices use VPN?
Some VPN services allow more than one connection so wired devices may be connected, individually, to a second VPN server if needed. Maybe access point is the wrong term. Secondary router with VPN might be a better term. Wired and wireless devices that need a VPN can be connected to the secondary router. However, if every device can benefit from the VPN and side effects are not a concern, the main router can be used.
ExDilbert is online now  
Sponsored Links
Advertisement
 
post #17 of 33 (permalink) Old 2015-08-10, 09:39 AM Thread Starter
Rookie
 
Join Date: Jun 2015
Posts: 27
Ahh, dual routers, yes, understand where you are coming from. I had looked into that at one point but got distracted ; I really should revisit it now that I am in reconfiguration mode (one of the benefits - or curses - of retirement!)

I like the dual router concept very much, makes perfect sense. But I always got stuck on how to configure them, eg:

-can a bridged modem support two DCHP routers...or is one router simply downstream of the other?
-how do you ensure the IPs don't overlap/conflict with each other
-can all machines can still see each other if connected to different routers ( ie file transfers, TeamViewer, etc)

Are there any basic tips or resources to check out on this type of configuration?.
Mediaman09 is offline  
post #18 of 33 (permalink) Old 2015-08-10, 12:29 PM Thread Starter
Rookie
 
Join Date: Jun 2015
Posts: 27
Update - Found yet another router in the mix (one sitting on the shelf, randomly bought for an apartment a while back). Its a Netgear WNDR3400V2. This morning I got to work:
-downloaded the docs
-set it up as a DCHP router with my desired static IPs and DNS settings
-setup the static routes
-turned wi-fi off
-updated to the most recent stock firmware
-put the Hitron in Bridge mode for the first time

Very successful - everything working fine ; it even addressed the Netgear on Roku issue.

What a pleasure having a normal GUI to work with a ton of settings! Long live the bridge!

I have yet to play with VPN on the router - still using ibVPN client now. Thought I'd let the dust settle a bit first to make sure all remains solid.

The only bummer is that I just noticed it does not have gigabit ports; where as the rest of my network does. I am on Hybrid 60 so likely no impact there, but it would affect file transfers across the local network..so I still have my shopping to do. This temporary measure was still helpful in flushing out any issues with Bridge mode, ROKU, etc.

Last edited by Mediaman09; 2015-08-10 at 04:13 PM.
Mediaman09 is offline  
 
post #19 of 33 (permalink) Old 2015-08-10, 04:00 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 8,071
Quote:
There are good reasons not to run the VPN on the main router.
What would those be? I've never installed a VPN anywhere else, except on a laptop computer. This way the laptop can access the home or office network. When installed on the router, then it just handles traffic for the VPN as it would any other route. If the VPN terminates anywhere else on the local network, the other devices need to have their routing configured appropriately.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #20 of 33 (permalink) Old 2015-08-10, 07:32 PM Thread Starter
Rookie
 
Join Date: Jun 2015
Posts: 27
It quite entertaining reading the user reviews on some of the routers mentioned here and others. So far I have seen quite a few horror stories ending with:
-"I will never buy ASUS again"
-"I will never buy Netgear again"
-"I will never buy D-Link again"
-"I will never buy Linksys again"

These of course be for all sorts of reasons, some perhaps avoidable, some perhaps not. At the same time, some very respected technical sites, eg smallnetbuilder , paint a very different picture. So its certainly not black and white.

On price, there quite a price range to choose from even with the routers mentioned in this thread, from TP-Link AC1200 Archer 5 (about $130 CDN) to ASUS RT-AC68U (about $230).

As I seem to be redeploying equipment every few years, I think its best to keep my options open, even if I turn off some features for now, so that leads me to the AC68U... This will give me:
-a top rated modem now
-dd-wrt compatibility as an option if I need it now or later
-static routing
-some native VPN features
-the ability to swap it with the R7000 Nighthawk if the need arises.

I think its well worth the $100 difference (or even less if I wait for a 10% to 20% Staples coupon, or labour day sale) to have the flexibility.

Gonna sleep on it. I have time.

Also checked the manual for the Nighthawk (stock firmware - no dd-wrt f/w available) and it seems to have more VPN options , so if I configure the house for 'VPN on the main router", I'd likely have the Nighthawk as the main router and the ASUS as an access point.

Last edited by Mediaman09; 2015-08-10 at 10:05 PM.
Mediaman09 is offline  
post #21 of 33 (permalink) Old 2015-08-11, 12:14 PM
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 8,436
JamesK, re post #19, see post #16. I am talking about a dedicated, encrypted SSTP VPN to a remote server, not a PPTP VPN. If there is an easy way to route around that, I would like to hear about it.
ExDilbert is online now  
post #22 of 33 (permalink) Old 2015-08-11, 01:00 PM
 
Join Date: May 2013
Location: Ontario
Posts: 73
I am very happy with my Netgear R7000 Nighthawk with DD-WRT. It has been extremely stable and has great Wifi coverage. May not be the best now, but it is the best router I've ever owned.
Danno10000 is offline  
post #23 of 33 (permalink) Old 2015-08-11, 01:13 PM Thread Starter
Rookie
 
Join Date: Jun 2015
Posts: 27
Quote:
Originally Posted by Danno10000 View Post
I am very happy with my Netgear R7000 Nighthawk with DD-WRT. It has been extremely stable and has great Wifi coverage. May not be the best now, but it is the best router I've ever owned.
I have enjoyed mine as well. Expect it will remain solid when I make it my main router (its now just an access point)

Its also encouraging that it's dd-wrt compatible. That will give me more options if I need to ever go there. Curious though, why is it not listed in the dd-wrt database : Router Database | www.dd-wrt.com ??

UPDATE .. But it is listed here : http://www.dd-wrt.com/wiki/index.php...evices#Netgear

What is the different the between the "database" list and the "supported" list" ?
Mediaman09 is offline  
post #24 of 33 (permalink) Old 2015-08-11, 06:42 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 8,071
Quote:
I am talking about a dedicated, encrypted SSTP VPN to a remote server, not a PPTP VPN. If there is an easy way to route around that, I would like to hear about it.
Did you mean SFTP? Regardless, you didn't mention that and that's not quite a VPN in the general sense. It's just encrypting the connection. A VPN generally connects to a network and allows access to more than one device behind the firewall. It could be PPTP, IPSec, OpenVPN etc.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #25 of 33 (permalink) Old 2015-08-12, 09:53 AM
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 8,436
I meant a secure, encrypted, dedicated connection, like OpenVPN.
ExDilbert is online now  
post #26 of 33 (permalink) Old 2015-08-12, 05:30 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 8,071
^^^^
With OpenVPN, like other VPNs, you generally go to the firewall, if you want to access more than one computer. I have used OpenVPN in the past and it worked well. These days, with IPv6 and SSH & SSL/TLS I no longer need a VPN and can connect directly to the desired computer.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #27 of 33 (permalink) Old 2015-08-13, 11:22 AM Thread Starter
Rookie
 
Join Date: Jun 2015
Posts: 27
About OpenVPN, when I try to read up on it (most of which I dont fully understand), I find three things:
  • as a protocol, its good, relative to others ( (Ref 1; Ref 2)
  • in term's of installation and ease of use, especially as a Windows client, its a bit archaic, but it works.
  • items of using on the router (so that all devices can benefit), its very doable with dd-rt, but hit and miss with other routers (Netgear R7000 user alone example hate it. Read this.) Not sure if this is the rule or the exception.

To help my learning curve I installed OpenVPN as a Windows Client, and am using it now, with my VPN service provider (SmartDNSProxy who provides VPN an DNS services). OpenVPN as a client is a bit unfriendly but it works. Also found by accident that I can avoid the interface and just use Network Connection in Window's, so I don't have to enter username/password each time. Not sure if Windows use a different protocol when I do this.

But what I really want to do is set it up in the router. Very confusing ( for me) as some routers are more accommodating than others. Also terminology gets in the way re VPN Server vs VPN Client. I have since learned (I think) that:
- VPN Server is when you want the router to act as the server so you can access your home network while at another location
- VPN Client is when you want the router toact as a client to log into a VPN service provider, so that you, through any connected device in your house, can access the internt through that VPN service

So its really VPN Client capability I am looking for in a router, preferably with stock firmware.

I haven't yet bought the router I will put VPN on, so my options are wide open. From what I read, ASUS might be the safest bet.

I am going to have a read of these tutorials next :
Smart DNS Proxy | VPN Setup for Asus Router : OpenVPN Prot...
https://www.expressvpn.com/tutorials/asus_router.
They talk about setting up OpenVPN on a number of ASUS routers, all with stock firmware.
JamesK likes this.

Last edited by Mediaman09; 2015-08-13 at 01:56 PM.
Mediaman09 is offline  
post #28 of 33 (permalink) Old 2015-08-13, 03:39 PM Thread Starter
Rookie
 
Join Date: Jun 2015
Posts: 27
Those Windows VPN shortcuts I referenced above, while convenient, really should not be used. It appears they use IKEv2 protocol
Mediaman09 is offline  
post #29 of 33 (permalink) Old 2015-08-13, 05:18 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 8,071
Quote:
VPN Server is when you want the router to act as the server so you can access your home network while at another location
The server is the device that listens for incoming connections. The other end is the client. So, you could set up the server end on a router and client on a laptop computer One curious situation is where both ends are network firewalls. Just choose one to be the client and the other to be the server.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #30 of 33 (permalink) Old 2015-08-13, 07:37 PM
Veteran
 
Join Date: Jun 2011
Location: 43° N, 81.2° W
Posts: 8,436
Just to be clear, I was talking about putting an OpenVNP client on the firewall.
ExDilbert is online now  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Canadian TV, Computing and Home Theatre Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools Search this Thread
Show Printable Version Show Printable Version
Email this Page Email this Page
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome