Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




8 posts

Wannabe Geek
+1 received by user: 2


Topic # 129439 16-Sep-2013 10:29
Send private message

Hello,

I just got Telecom UFB installed. I was hoping to use my TP-LINK W8970 router but have discovered it doesn't support VLAN tagging.

Does anyone have any suggestions on a router/switch capable of handling two or more IPSEC VPNs? 

WiFi is a nice-to-have. I could reuse my existing router for that.

Lastly, I'm hoping to spend under $500. 

I saw this related post but that was over a year ago. Something like the Draytek 2130 sounds good. Networking isn't my strong suit so I'm concerned pfSense and other software will be over my head. I also want to avoid having to build anything.

Any suggestions would be much appreciated. 

Create new topic
27287 posts

Uber Geek
+1 received by user: 6721

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 896240 16-Sep-2013 10:57
Send private message

I guess the question if whether you're wanting a replacement for your router or wanting a $50 fix to get your TP-Link going. For $500 you'll get something that's a million times more powerful that a TP-Link but it depends exactly what your requirements are.

My favorite router right now is the Mikrotik RB2011 but if you have no technical knowledge you're going to struggle to configure it.

3423 posts

Uber Geek
+1 received by user: 414

Trusted

  Reply # 896254 16-Sep-2013 11:06
Send private message

My only concern with using a Mikrotik for IPSEC is whether it has the CPU power to handle it. Lots of them have 400mhz CPU so your not going to get much throughput.... Using something that runs on x86 hardware with higher CPU speeds or an offload board would give you better performance perhaps?

We use PFsense and can get 200mbps IPSEC comfortably.





 
 
 
 




8 posts

Wannabe Geek
+1 received by user: 2


  Reply # 896258 16-Sep-2013 11:15
Send private message

I've got one main IPSEC connection I need working. I have two more but I use them seldomly. I'm fine using SSL VPN software for those other two, in the rare occasions I need it.

I would like to replace the TP-LINK. I've had a steady stream of problems/annoyances. 

I'm not planning on doing anything advanced with the device. Assuming it has an easy to use web interface, I should be able to setup the PPPoE, VLAN 10 and IPSEC connection(s) I need. I'm not planning on doing anything more with it, aside from setting up WiFi if it came with it.

3692 posts

Uber Geek
+1 received by user: 1394

Subscriber

  Reply # 896276 16-Sep-2013 11:20
Send private message

I personally run a virtual instance of pfsense at home and that works really well. Don't use IPSEC but everything is relatively easy to set up as the GUI is quite nice and presents everything nicely.

If it was for a business I would just use Cisco gear. Probably 800 series for small business seeing as the 500 series is EOL. Like sbiddle says though, start at $500 and work your way up.



8 posts

Wannabe Geek
+1 received by user: 2


  Reply # 896298 16-Sep-2013 11:48
Send private message

Thank you everyone.

I think I'll try the Mikrotek. Appears the RB2011UAS-2HnD-IN would do the job for me.

27287 posts

Uber Geek
+1 received by user: 6721

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 896304 16-Sep-2013 11:58
Send private message

bluestreak: Thank you everyone.

I think I'll try the Mikrotek. Appears the RB2011UAS-2HnD-IN would do the job for me.


What is your network knowledge like? If it's basic you're not going to be able to configure a Mikrotik without a steep learning curve.



8 posts

Wannabe Geek
+1 received by user: 2


  Reply # 896310 16-Sep-2013 12:10
Send private message

sbiddle:
bluestreak: Thank you everyone.

I think I'll try the Mikrotek. Appears the RB2011UAS-2HnD-IN would do the job for me.


What is your network knowledge like? If it's basic you're not going to be able to configure a Mikrotik without a steep learning curve.


My networking knowledge is moderate. It's not basic but I wouldn't say I'm an expert.

I had a look at a demo site for the RouterOS software and it looked straightforward. 

787 posts

Ultimate Geek
+1 received by user: 79

Trusted

  Reply # 896328 16-Sep-2013 12:26
Send private message

Juniper SRX110
- is a cow to setup tho.But works great.






8 posts

Wannabe Geek
+1 received by user: 2


  Reply # 897062 17-Sep-2013 16:09
Send private message

I got the RB2011UAS-2HnD-IN last night. I was able to setup it for the internet and WiFi relatively quickly. I even managed to change the IP address of the device and local subnet. All my devices work - wired and wireless.

I was fighting with the IPSEC this morning until I realized I made a simple mistake in the config. 

It's an amazing unit, especially for the price, but you are right sbiddle that you need to know what you're doing! I got a local company that sells the units to review my config and help me lock it down.

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.