what router brand do you use?

what router brand do you use?

  • Total voters
    148
D-Link for other people's houses. After I had a DI-604 that was rock solid for years where WRT54G had failed me, I favor them.

At home I'm just using the 2wire 'home gateway' from the telco, because I have to. Behind that is a mostly stock OpenBSD 5.0 box running pf, snort and squid.
 
I use the Cisco Linksys routers because they were cheap and readilly available. and i'm not doing any fancy VPN or server hosting.
 
Hallis said:
I use the Cisco Linksys routers because they were cheap and readilly available. and i'm not doing any fancy VPN or server hosting.
Click to expand...

i still like the RVS4000's and the RVS4400 n's..

Have one as a spare in my closet..
 
At work, I have a Juniper MX5 and a Cisco ASR 1001 at the primary and hot site, respectively.

At home, I have a Juniper SRX210H-POE UTM device.
 
Skillz said:
So no consumer routers have dual WAN (as in using two Internet connections) capabilities out the box? I used to have a Nexland Pro800Turbo router that did dual WAN, however it cost like $400 back in the day (This was probably 2001/2002) I don't see how they wouldn't have a solution sub $200 by now.

Apparently I can only find one router at Newegg with dual WAN ports, and it doesn't even seem to do load balancing on them.
Click to expand...

Right. The reason you do not see it, and as always there might be one product against the grain that does, is that consumers typically do NOT want to afford two separate internet connections because there is absolutely no need for that in 99.9999999999% of households in the world.

Now for someone that is trying to run dual active wans at the same time you can easily do that with two separate routers and use two gateways on your internal networks. It will get a little more tricky but if you get to that point post up here and we can help you with that config.

Alternatively if you want dual wan as in Active Failover, there may more products that support this in the home sector. For instance Asus RT-N66U router supports the use of 3g/4g USB modems in the USB port for a failover internet connection but not active/active.

If you really want to do this the right way I would start digging around Craigslist and Ebay and try and score a used Cisco 5505 ASA with Security Plus license installed as you can do Active/Failover wan connectivity. If you want realtime dual wan access on one router you will probably need to purchase an actual factual router that supports multi-protocol routing and has additional true WAN interfaces, i.e. Cisco Routers like 1921 with EHWIC interface cards in them.

To have dual ISP on one device in real time bonded is just not going to happen. You need specialized protocol support, two separate WAN pipes from the same ISP, and an account that you are willing to pay for something like that. That is what a bonded T1 or T3.DS3 etc... is ..

Good luck in your searches. Take what I say with a grain of salt.
 
Innocence said:
D-Link for other people's houses. After I had a DI-604 that was rock solid for years where WRT54G had failed me, I favor them.

At home I'm just using the 2wire 'home gateway' from the telco, because I have to. Behind that is a mostly stock OpenBSD 5.0 box running pf, snort and squid.
Click to expand...

You can place that thing in bridge mode and use any firewall or router you want. Bridge mode places whatever is behind it, sort of through it instead, there is no more behind, and certainly no firewall, or any other policy. Your device running through the bridge, i.e. say a Dlink firewall, is completely 100% exposed to the outside internets which leave you in control.
 
SonicWall NSA250MW running with a 100Mbps down/10Mbps up primary and 10/1 backup (DSL)

Since everyone needs to have 18 site to site VPN tunnels and full UTM for one person :p lol
 
Skillz said:
So no consumer routers have dual WAN (as in using two Internet connections) capabilities out the box? I used to have a Nexland Pro800Turbo router that did dual WAN, however it cost like $400 back in the day (This was probably 2001/2002) I don't see how they wouldn't have a solution sub $200 by now.

Apparently I can only find one router at Newegg with dual WAN ports, and it doesn't even seem to do load balancing on them.
Click to expand...

Yes there are quite a few that do. I suppose we won't call them "consumer" routers....I classify "consumer routers" are those under 200 bucks.

I do recall the Nexland routers...I had one myself back in the day (the ISB SOHO model)...and Symantec bought up Nexland and kept selling the Pro800Turbo model as the R200 Security Appliance...I sold/installed lots of those. However..I wouldn't have called the Pro800 Turbo router a "Consumer" router.

Plenty of dual WAN routers for less than 400 bucks these days...less than 300 even...less than 200 even....
Cisco RV0 series (The Linksys part of Cisco, not the uppity true Cisco models that the snobs love)
Netgear ..some FVS ProSafe models
DLink had a NetDefend model
TrendNet has some BRV model that's under 200 bucks
Draytek has a few dual WAN models
 
tangoseal said:
You can place that thing in bridge mode and use any firewall or router you want. Bridge mode places whatever is behind it, sort of through it instead, there is no more behind, and certainly no firewall, or any other policy. Your device running through the bridge, i.e. say a Dlink firewall, is completely 100% exposed to the outside internets which leave you in control.
Click to expand...
Bridge has been disabled on the 2wire since an update about a year ago - best they do is "DMZ Plus" which still subjects it to some of the 2wire magic.

Not that it really matters - it keeps the connection up, that's all I really care about. I have all the control I need on my BSD box.
 
Skillz said:
I currently have two Linksys WRT54G routers running DD-WRT firmware. I need to upgrade them to something faster with gigabyte capabilities and Wireless N (Not that I have wireless N, but eventually I will)

I'd ideally like it to have dual WAN capabilities out the box as well.
Click to expand...


Not quite consumer grade as they are all over $200 but
Zyxel USG 50 ($250)and higher models have dual WAN load balancing capability for outbound requests only.

Cisco purchased back our 30 day old Cisco RV082 because it did not support our IPsec implementation correctly. And honestly.... the Zyxel USG boxes are much better routers/VPN endpoints than the RV series routers. If you can't afford an ASA consider a Zyxel USG router.
 
Last edited:
Did use a Cisco Linksys E1000...upgraded to a pfsense box, which is amazing.
 
Mackintire said:
Not quite consumer grade as they are all over $200 but
Zyxel USG 50 ($250)and higher models have dual WAN load balancing capability for outbound requests only.

Cisco purchased back our 30 day old Cisco RV082 because it did not support our IPsec implementation correctly. And honestly.... the Zyxel USG boxes are much better routers/VPN endpoints than the RV series routers. If you can't afford an ASA consider a Zyxel USG router.
Click to expand...

Zyxel's licenses are so $$$ tho :(
 
dashpuppy said:
Zyxel's licenses are so $$$ tho :(
Click to expand...

We don't even bother using any of the licensed features.

We purchased it as a router and VPN device.

FYI...The antispam module that can connect to spamhaus is free.


As a UTM the zyxel USGs are a mixed bag.... more powerful than a Sonicwall TZ, with some overlap into the NSA series. If I needed a a full UTM / router I would probably either buy an Sonic wall NSA or Fortigate.

Sonicwalls TZ and NSA devices can only do layer 2 routing, the initial costs are reasonable and the subscriptions are fairly high. The interface is awesome.

Fortigate's devices can do full layer 3 routing and UTM functions, the initial costs are high, the subscriptions are high, the interface is decent, but they have lots of features and great paid support.

Zyxel's USG devices are closer to a layer 2+ or a feature limited layer 3 device, can do static routing, and UTM functions but you need to be careful about sizing the device correctly if you plan on using the UTM functions., the initial costs are low, the subscriptions are high, the interface is object oriented and is not for newbies.


Again...and let me shot this from my soapbox:

"As a SOHO router and VPN combo device, I believe the Zyxel USG line is the best you can buy on the market in the $250-$600 new with 90 days of support included in that cost"

Adding or taking away any other requirement(s) and the above statement may not be true.


At the same cost, a home built PFsense box is a more capable router....but may not be a good choice, as support, and VPN integration may obstacles.
 
Last edited:
Mackintire said:
We don't even bother using any of the licensed features.

We purchased it as a router and VPN device.

FYI...The antispam module that can connect to spamhaus is free.
Click to expand...

Looking at my brand new TZ210 with 6 months left on the subscriptions right now, it's sitting in the box collecting dust LOL!!
 
dashpuppy said:
Looking at my brand new TZ210 with 6 months left on the subscriptions right now, it's sitting in the box collecting dust LOL!!
Click to expand...

Exactly, why I am running a PFsense box myself at home.

I was seriously considering buying a USG 300 for myself, but I don't need the 200 IPsec VPN tunnels or 25 SSL tunnels, nor do I want to spend $1400 to get all that.

I almost jumped on the NSA2400 that sold used for $800 on ebay last week.


What I would like is for PFsense to have a working SSL VPN browser login...where's the development on that?
 
Apple Airport Extreme, why apple ? See my sig i like stuff from then and the mac's works perfectly with the Airport
 
LightStar said:
Apple Airport Extreme, why apple ? See my sig i like stuff from then and the mac's works perfectly with the Airport
Click to expand...

Why not, the Apple Airport Extreme IS a half decent consumer class router.

It's close to perfect for the " I don't care or want to know" type of users who don't have special needs.
 
Mackintire said:
Exactly, why I am running a PFsense box myself at home.

I was seriously considering buying a USG 300 for myself, but I don't need the 200 IPsec VPN tunnels or 25 SSL tunnels, nor do I want to spend $1400 to get all that.

I almost jumped on the NSA2400 that sold used for $800 on ebay last week.


What I would like is for PFsense to have a working SSL VPN browser login...where's the development on that?
Click to expand...

You know how much the license is for a NSA2400 ? its more than the hardware witch is a total rip off.

I'm just going to wait till my tz210 is over its 1 year nfr, then sell it on ebay for cheap..
 
dashpuppy said:
You know how much the license is for a NSA2400 ? its more than the hardware witch is a total rip off.
Click to expand...

Screw that.... I 'd buy a Fortigate 100D first with a 2 year services bundle renewal first and still save over the NSA 2400 + 1 year of services.
 
Mackintire said:
Screw that.... I 'd buy a Fortigate 100D first with a 2 year services bundle renewal first and still save over the NSA 2400 + 1 year of services.
Click to expand...

I've never set one of those up or seen one, how good are they ? good throughput ?
 
Mackintire said:
In between the 2400 and the 3500
http://www.fortinet.com/products/fortigate/100D.html
Click to expand...

Support for both unless you are certified is terrible

Sonicwall is India based support which is horrid unless you get certified by them and then you go straight to Level 2 US based support which is very good. As a Master CSSA their product is excellent (IMO) but the licensing is a bit pricy. Fortinet is similar, but i find their lower end support much better than SonicWall as I have enough client complaints about it that they just use us to put the calls through.

Compared to Fortigate as I use and install both I find the SW does include a lot more features in their high end CGSS licensing package though. The UTM based anti-virus, spyware, and IPS features are excellent - plus the App Control/App Flow monitoring is something Fortigate's do not have. In two clicks I can bandwidth manage and/or block an entire application group like P2P, Messaging etc which is pretty cool.
 
Mackintire said:
We don't even bother using any of the licensed features.

Sonicwalls TZ and NSA devices can only do layer 2 routing, the initial costs are reasonable and the subscriptions are fairly high. The interface is awesome.
Click to expand...

Just to clarify, running 5.8.x or newer firmware SonicWall TZ-NSA-E boxes can do full OSPF but no BGP routing still

Agree on the rest of the points :D
 
Zetro said:
Just to clarify, running 5.8.x or newer firmware SonicWall TZ-NSA-E boxes can do full OSPF but no BGP routing still

Agree on the rest of the points :D
Click to expand...

The tz210's a piece if under powered garbage, the 2400 is good but so over priced.

The av feature is ok, the spyware is useless as tits on a board.

Remember tho guys Dell bought sw :)
 
Which brings me back to my original comment.

Considering the entry price, with no subscriptions, those USG units are nice boxes.
 
Zetro said:
Just to clarify, running 5.8.x or newer firmware SonicWall TZ-NSA-E boxes can do full OSPF but no BGP routing still

Agree on the rest of the points :D
Click to expand...

IIRC, they support BGP but they have nowhere near enough RAM or CPU to handle a full table, let alone more than one.
 
lizardking009 said:
IIRC, they support BGP but they have nowhere near enough RAM or CPU to handle a full table, let alone more than one.
Click to expand...

Fortinet boxes, even the small SOHO ones support BGP - Sonicwalls do not have that "feature"

As you noted, it would be a useless venture anyway lol
 
You must log in or register to reply here.
Back
Top