Router Recommendations

Router Recommendations
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.vpn  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Router Recommendations Aaron Gitlin 03-22-2007
Posted by Aaron Gitlin on March 22, 2007, 1:12 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello,

We would like to purchase a router to handle multiple (3)VPN tunnels using
IKE / IPSec. Previously, we had used Netopia R9100s, but since they appear
to no longer be supported properly by Motorola, we've decided to look
elsewhere. The two routers that we have our eyes on are the Cisco 871 and
the 3Com 3036. Does anyone have any specific recommendations on a router to
perform these tasks?

Thanks,

Aaron



Network Magic 20% Off NMEASY coupon code spring banner 468x60
Posted by Roy Hills on March 22, 2007, 2:54 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
On Thu, 22 Mar 2007 10:12:08 -0700, "Aaron Gitlin"
>We would like to purchase a router to handle multiple (3)VPN tunnels using
>IKE / IPSec. Previously, we had used Netopia R9100s, but since they appear
>to no longer be supported properly by Motorola, we've decided to look
>elsewhere. The two routers that we have our eyes on are the Cisco 871 and
>the 3Com 3036. Does anyone have any specific recommendations on a router to
>perform these tasks?

Even though three tunnels is relatively small, it's worth thinking about
the maximum aggregate IPsec traffic rate that will be involved to ensure
that the solution will cope. The encryption algorithm may make a
difference here, with AES/128 generally being the fastest and 3DES
generally the slowest (at least for software implementations; the situation
can be reversed for some systems with hardware acceleration that only
supports 3DES).

One additional product I'd consider is the Juniper NetScreen Firewall/VPN
device. I've found the 5 series (e.g. 5GT) to be good low-end devices
(they have larger systems too, but I've never used them).

I've also used Cisco routers, but not the 871 model. However, it will use
Cisco IOS software which has just about all the features that you're likely
to need.

I can't comment on the 3Com, having never used it.

Beware that many of the low-end ADSL routers also offer IPsec, but the
functionallity is often very limited (e.g. no RSA authentication support,
problems with multiple tunnels Etc.).

Roy Hills

Posted by Doug McIntyre on March 22, 2007, 6:12 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
>We would like to purchase a router to handle multiple (3)VPN tunnels using
>IKE / IPSec. Previously, we had used Netopia R9100s, but since they appear
>to no longer be supported properly by Motorola, we've decided to look
>elsewhere. The two routers that we have our eyes on are the Cisco 871 and
>the 3Com 3036. Does anyone have any specific recommendations on a router to
>perform these tasks?

You may want to look at enterprise level firewalls as well. Something
like a Juniper/Netscreen 5GT or a Fortigate F50A will give you alot
more options than the Netopia or a "router" product for about the same
price point (well, more like cisco pricing, or the Netopia new). Plus
both of these route if you need some sort of routing functionality at
this level (a lot better than the Netopia routed).



Posted by Aaron Gitlin on March 23, 2007, 1:01 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Thanks for the input Doug and Roy!

I was referred to the NetScreen devices previous by a friend of mine; they
seem to be the right way to go. My frustration with them was they appeared
to use the same licensing nonsense that SonicWall uses. IMHO, it seems to
make the product more expensive than it should be. The counter-point of
that being "you get what you pay for" ;)

I'll give Juniper a call and see what we can figure out.

Have a great weekend!





>>We would like to purchase a router to handle multiple (3)VPN tunnels using
>>IKE / IPSec. Previously, we had used Netopia R9100s, but since they
>>appear
>>to no longer be supported properly by Motorola, we've decided to look
>>elsewhere. The two routers that we have our eyes on are the Cisco 871 and
>>the 3Com 3036. Does anyone have any specific recommendations on a router
>>to
>>perform these tasks?
>
> You may want to look at enterprise level firewalls as well. Something
> like a Juniper/Netscreen 5GT or a Fortigate F50A will give you alot
> more options than the Netopia or a "router" product for about the same
> price point (well, more like cisco pricing, or the Netopia new). Plus
> both of these route if you need some sort of routing functionality at
> this level (a lot better than the Netopia routed).
>
>



Posted by Doug McIntyre on March 23, 2007, 2:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
>I was referred to the NetScreen devices previous by a friend of mine; they
>seem to be the right way to go. My frustration with them was they appeared
>to use the same licensing nonsense that SonicWall uses. IMHO, it seems to
>make the product more expensive than it should be. The counter-point of
>that being "you get what you pay for" ;)


Their licensing is actually what pushes us to use more Fortigate devices.
They don't have the 10-workstation vs. unlimited license as an option
on the small-end boxes. The GUI is nicer on the Fortigate, although
the CLI is crappier. (not that the CLI on the Netscreen is all that
grand, but I get around it alot easier than Fortigate).



Similar ThreadsPosted
Problem Free VPN Capable Router Recommendations? April 15, 2006, 8:35 pm
Router to Router VPN Recommendations, please! June 17, 2006, 7:57 am
VPN core to FVS318 endpoints recommendations August 29, 2006, 6:48 pm
Re: Nortel Contivity Client works without router but not with router. November 24, 2005, 6:54 pm
Nortel Contivity Client works without router but not with router. November 24, 2005, 8:45 am
Netopia R910 Router - Router VPN: Can't PING Remote PC October 29, 2007, 8:08 pm
VPN into office using FVS318 router behind Cayman Router April 5, 2005, 1:03 pm
VPN: Router-to-Router or Client-to-Router?? November 30, 2005, 12:14 pm
VPN: Router-to-Router or Client-to-Router?? November 30, 2005, 12:04 pm
Netgear Client - unknown router - internet - Netgear VPN router January 5, 2006, 1:33 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map