Q

What is a good low end cost VPN router?

I am a consultant and have a customer that needs to have a remote location VPN. I need a router for the remote location to create a VPN connection so that all devices on the remote site are considered on the network. What is a good low cost VPN router? The host site currently just has a DSL connection with a static IP and a Linksys router.

I am a consultant and have a customer that needs to have a remote location VPN. I need a router for the remote location to create a VPN connection so that all devices on the remote site are considered on the network. What is a good low cost VPN router? The host site currently just has a DSL connection with a static IP and a Linksys router.
I assume that your remote PCs are using the server site's Linksys router (or the Server itself) as a VPN gateway. I'll guess that you are probably using PPTP as your VPN protocol.

You want to replace the remote VPN clients on each PC with a VPN gateway for the entire remote office. For exa

mple:

RemotePC1-----+---(Internet)------------Linksys-----Server
              |
RemotePC2-----+
would become
RemotePC1-----+---Router---(Internet)---Linksys-----Server
              |
RemotePC2-----+

There are two ways to accomplish this. You can look for a router that behaves as though it were a VPN client. Or you can create a site-to-site VPN tunnel between the router and the Linksys or Server.

The first method has the advantage of requiring no change to your Server site. Your VPN gateway, whether it's your Linksys or Server, will continue to authenticate the new remote router as though it were just another VPN client. In fact, some PCs can continue to connect as they do now while others connect through the remote router. However, your equipment choices are going to be somewhat limited, because there are not that many routers designed to behave as "hardware VPN clients." For an entry-level example, see the SnapGear SG300.

The second method is more common for securing traffic from a remote office to a central site. It requires compatible VPN gateways at both ends. Depending on the products and protocols you are using today, you may be find a VPN/router that will be directly compatible. This is more likely if you are using IPSEC than if you are using PPTP, since many PPTP products operate in client/server rather than site-to-site mode. One entry-level IPSEC router for site-to-site tunneling is the SonicWALL TELE3. Note that if you're using a Windows 2000/XP/2003 Server as a VPN gateway today, you can just add new security policies for an IPSEC site-to-site tunnel. IPSEC is already part of those operating systems, although many companies prefer using a separate VPN gateway to avoid putting VPN load on the server itself.

If you're looking to reduce VPN costs, you might also want to calculate your VPN capacity to see if you can possibly downgrade your VPN link capacity. This tip explains how to calculate the cost of VPN links, for more information.

 

This was first published in June 2004

Dig deeper on Network Access Control

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close