Has anyone used the new Vyatta 5.x?  I was thinking about using that when I move in the fall.

It seems to offer quite a bit of features, although it looks like it can be a little complicated to set up - similar to the Cisco equipment.


-----Original Message-----
From: Lisa Kachold <lisakachold@obnosis.com>
To: Main PLUG discussion list <plug-discuss@lists.plug.phoenix.az.us>
Sent: Mon, 27 Apr 2009 12:45 pm
Subject: Re: Need Advice on Routers

Hi Mark,

As a technical professional, I have weighed the benefits and costs of SOHO "routers" against what can be expected in production equipment.

I find that the stability, functions and maintenance of most of these LinkSys and Netgear devices are not worth the cost; generally they must be tinkered with extensively, rebuilt and upgraded to even partially work.

I have had a couple of Netgear and LinkSys firewalls, including VPN so called "Small Business" firewalls.  I have built my own firmware, added second party firmware, WRT and studied extensively the image and configuration when the devices fail.  I find there are extensive security issues inherent in most of these devices that allow them to fail over under distributed packet assault and allow one of three things to happen:  remote access, firmware upgrade or management via http on wan side.  NOTE: I have not evaluated dlink or other manufactures offerings.

Here's an at a glance comparison of home broadband "routers":
http://compnetworking.about.com/od/broadband/tp/dslcablerouters.htm

While I strongly liked OpenWRT, because I essentially had a sweet little linux system, I did not find that the security features were robust enough; no IDS function was available for real time packet inspection (like in a ProSafe LinkSys Business Router); no VLAN or IPS features.  Configuring the firewall, while easy for me might not have been so easy for another since extensive inbound and outbound rules needed to be set via IPTABLES.  And when I was done, the OpenWRT ssh and distributed networking STILL was not able to withstand a distributed DoS with low level fuzzing attack - again falling over and allowing escalated privs.

With that said, I strongly suggest that you completely sidestep "home" versions and look at small business products.

Cisco has some new offerings that should perform better and include some suite functions:
http://www.infoworld.com/d/storage/cisco-delivers-security-storage-uc-small-business-624

Also, you do realize you can just get yourself a used Cisco 877 ADSL or ASA 5500 (do you already have an ADSL modem too) and have a VPN via Cisco VPN client that works with Linux well:

http://www.pcmall.com/pcmall/shop/detail.asp?dpno=562971&Redir=1&description=Cisco-877%20ADSL%20Security%20Router%20Wireless%20802.11g%20FCC%20compliant%20+%204-port%20Switch-WAN%20Routers,%20Gateways,%20etc.



On Mon, Apr 27, 2009 at 11:09 AM, Mark Phillips <mark@phillipsmarketing.biz> wrote:
I have a Linksys BFSX41 10/100 Cable Firewall Router with 4 Port Switch and VPN Endpoint that seems to be going through a slow death. I have a cable modem (Cox) on one side and a 100 MB LAN on the other side. If I plug the cable from the cable modem directly into my computer, I get the advertised "blazing fast speed." If I go through the router, my blazing fast speed drops to very slow - i.e. pages that load in a blink of an eye now take 10s of seconds to load. It seems to have something to do with heat - if I leave the router off for an hour, and then reconnect it, I get blazing speed for awhile, then it slows down.
 
I am looking for suggestions for a replacement router. I never could get the VPN part of this router to work with Linux, and I would like to be able to get to my network from outside through a VPN. So that is important. Other than that, I just need 100 BaseT network speed and at least 4 ports - more would be better. I have a separate Linksys wireless access point/hub that I turn on when I need to be mobile, so I don't need more wireless gear. I have to admit, I leave the router on all the time, so it needs to be sturdy! The exact same router on Newegg costs $69, so my price point is under $100.
 
Thanks!
 
Mark

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss



--
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss