- Netgear FM114P Cable/DSL Prosafe Wireless Gateway
- Linksys Etherfast AP Cable/DSL Wireless Router with 4-port Switch
- Belkin Wireless Cable/DSL Gateway Router
- SMC Barricade Wireless Broadband Router with 4-port Switch
- Hawking Wireless Cable/DSL Router 11Mbps AP with 4-port Switch
Products in this category usually have one 10 Mbps Ethernet uplink that you connect to your DSL or cable modem. You'll want to make sure this uplink accepts a dynamic IP address through DHCP or PPPoE - whatever protocol your DSL provider requires. (Check the settings of the PC now connected to your DSL modem, or documentation from your DSL provider.)
Products like these usually have two kinds of internal interfaces: an embedded 802.11b access point and a few 802.3 Ethernet ports. These are used to connect several stations (usually between 32 and 254) that are equipped with either 802.11b wireless cards or 10/100 Ethernet cards. Typically, these stations use DHCP to get a private IP address from the gateway. The gateway serves as a NAT-ing router/firewall, mapping traffic from your private LAN to the public Internet, using the single IP address assigned by your DSL provider.
These "mini firewalls" usually stop inbound connection requests, while allowing all outgoing connection requests and associated response traffic. Hackers do know how to fool these NAT-ing routers - for example, sending unsolicited traffic that appears to be response traffic for an existing TCP connection. However, your PC and laptop and any other station you might attach to your internal network will not have public addresses that can be directly reached from the Internet. Furthermore, the gateway will block most of the "door knob rattling" and port scanning that is typically launched against always-on DSL and cable modems. I recommend running personal firewall software on your PC and laptop so that you will have two layers of protection against intruders (at the gateway and at the PC).
Wireless gateways tend to differ in value added features. For example, some gateways support only 40-bit WEP for wireless link encryption while others support 128-bit WEP. Some include a wireless print server so that any device on your home LAN can share access to a printer on your LAN. Some support "VPN pass through" which lets PPTP and/or IPsec tunnels to get through the gateway ? this is important if you run a VPN client on your laptop and need to reach a VPN gateway at your employer. Some gateways support only 10 Mbps Ethernet or do not include any internal Ethernet ports - others include an embedded 3 or 4 port 10/100 Mbps switch. On the wireless side, most gateways support 802.11b Wi-Fi, but a few now support 802.11a. 802.11a is faster and less susceptible to interference in the home (for example, from 2.4 GHz phones and microwave ovens), but if you go this route, then all your wireless stations must have either 802.11a or a/b combos cards. If you plan to mix and match vendors - for example, use a Cisco or Agere wireless card supplied by your employer with a residential-grade wireless gateway like those listed above - you should make sure you pick a gateway that is Wi-Fi certified.
This was first published in December 2002