Which professional routers have a VPN to connect us to the company?
Manufacturers of professional routers often integrate VPN servers and clients to establish secure connections with other sites (site-to-site VPN) or remote access connections for users (RoadWarrior). In a small and medium-sized company, it is essential to use this technology to remotely access all the local resources of the company, but also to intercommunicate the offices of the same company. Today in RedesZone we are going to recommend a series of professional VPN routers ideal for SMB environments.
Link D
Manufacturer D-Link has been a leader in the SMB segment for years, not just in L2 and L3 switching with its latest switches DGS-3630 et DGS-3130 L3 , but also with professional routers with VPN to remotely access local company resources (Remote Access VPN) and to interconnect different sites (Site-to-Site VPN).
Currently, D-Link offers two models of professional routers with VPN which are widely used by businesses and which over time have been updated both at the hardware level with new components, as well as at the firmware to have the latest industry technologies. .
D-Link DSR-250N
The main hardware features of this professional router are the incorporation of a Gigabit Ethernet port for the WAN Internet and a total of 8 Gigabit Ethernet ports for LAN . It also has the N300 Wi-Fi in the 2,4 GHz band , to provide Wi-Fi connectivity when needed. Other important features are the addition of a USB port 2.0 to extract logs to a removable storage device, easily perform firmware updates, and even insert a 3G / 4G USB dongle for enterprise redundancy. Finally, it has a RJ-45 console port to manage this professional router locally via CLI.
This router not only works as a VPN client / server, but also as integrated router and firewall . Some of the main features of its firmware are that we can configure WAN connections with Static and Dynamic IP (DHCP), establish PPPoE / L2TP / PPTP sessions and even allow the establishment of multiple PPPoE connections. We can also create multiple static routes, use dynamic DNS, perform NAT / PAT functions, and allow content filtering with static URLs or keywords. Another important feature of firmware is that it has a intrusion prevention system based on signatures that are embedded in the firmware, and we can have different authentication methods (internal database, RADIUS, LDAP, AD, NT domain etc.)
At the network level, this professional router has a DHCP server / client, DHCP Relay, supports 802.1Q-based VLANs , allows you to configure the inter-vlan routing so that this router is able to interconnect VLANs that come from a managed switch, it also supports VLANs per port, it is able to handle multicast traffic with IGMP Proxy and also IGMP Snooping, it fully supports IPv6 networks and redundancy via a USB 3G / 4G dongle.
Regarding VPNs, it is capable of establishing a total of 75 VPN tunnels, 25 IPsec tunnels, 5 SSL VPN tunnels, 25 PPTP / L2TP tunnels, 10 GRE tunnels and 10 OpenVPN tunnels. The firmware supports 128-bit and 256-bit AES encryption, as it also supports encryption that is currently not considered secure, such as DES or 3DES. Of course, the firmware has IPsec with NAT, DPD, AH and ESP traversal.
According to D-Link, this professional router offers speed through the firewall of 750 Mbps, if we use a VPN with 3DES encryption, the performance is 50 Mbps, so if we use more robust encryption such as AES, the performance will be lower because it does not have hardware encryption acceleration. We will be able to perform a total of 20 simultaneous TCP sessions, with a maximum of 000 sessions per second, and the possibility of having up to 200 policies in the firewall.
We recommend that you visit the D-Link DSR-250N official website where you will find all the details of this equipment.
D-Link DSR-1000AC
This D-Link DSR-1000AC router is currently the top of the line from manufacturer D-Link. The main features at the hardware level of this professional router are the incorporation of two Gigabit Ethernet ports for the WAN Internet. Therefore, we will have a dual wired WAN with support for FTTH operators in Spain because we can configure the VLAN ID of each interface on the WAN. In addition, this router also has USB 2.0 ports, so one can use a 3G / 4G USB dongle to have a triple WAN and have the best possible redundancy so as not to end up without an Internet connection. This model also has a total of four Gigabit Ethernet ports for the local network and a RJ-45 console port to manage this professional router locally via CLI.
At the wireless level, this equipment is dual-band simultaneous with the AC1750 Wi-Fi, we can reach a speed of up to 450Mbps in the 2,4GHz band, and a speed of up to 1300Mbps in the 5GHz band thanks to the Wi-Fi. Fi 5 Ce The wireless network of the router is medium-high range, so we can achieve very high speeds over Wi-Fi, and not only that, but we can create different SSIDs and assign them to different VLANs, like s' it was a professional access point.
This router not only works as a VPN server / client, but works have as a router and a built-in firewall.. Concretely, it has exactly the same options as its little brother the DSR-250N, such as being able to configure WAN connections with static IP, dynamic (DHCP), PPPoE / L2TP / PPTP. The firmware will allow us to create multiple static routes, but this model also allows the use of dynamic interior gateway routing protocols such as RIP and OSPF, which the previous model could not do. Other features are the possibility of using dynamic DNS, it does NAT / PAT functions, it allows content to be filtered with a static URL or with keywords, it has an IPS based on signatures which are incorporated in the firmware, and you can have different authentication methods (internal database, RADIUS, LDAP, AD, NT domain etc.)
At the network level, this professional router has a DHCP server / client, DHCP Relay, supports 802.1Q-based VLANs , allows you to configure the inter-vlan routing to interconnect VLANs that come from a managed switch, supports VLANs per port, is able to handle multicast traffic with IGMP Proxy and also IGMP Snooping, it fully supports IPv6 networks and allows you to configure the load balancing between the two wired WANs, and even has a "route failover".
Regarding VPNs, it is capable of establishing a total of 155 VPN tunnels, 70 IPsec tunnels, 20 SSL VPN tunnels, 25 PPTP / L2TP tunnels, 20 GRE tunnels and 20 OpenVPN tunnels. The firmware supports 128-bit and 256-bit AES encryption, as it also supports encryption that is currently not considered secure, such as DES or 3DES. Of course, the firmware has IPsec with NAT, DPD, AH and ESP traversal.
According to D-Link, this professional router offers speed through the firewall of 950 Mbps, if we use a VPN with 3DES encryption, the performance is 250 Mbps, so if we use more robust encryption such as AES, the performance will be lower because it does not have hardware encryption acceleration. We will be able to perform a total of 100 simultaneous TCP sessions, with a maximum of 000 sessions per second, and the possibility of having up to 1000 policies in the firewall.
We recommend that you visit the D-Link DSR-1000AC official website where you will find all the details of this equipment.
In the following video, you can see in detail what these two professional routers with D-Link VPN look like, and you can also see their full configuration firmware:
HAS HIS
ASUS is one of the best home router manufacturers on the market, as it not only has top-of-the-line routers with the newest hardware on the market, but also truly comprehensive firmware with hundreds of configuration options. , ideal for "experienced users". maximum play to the team. A few years ago, the manufacturer launched a professional VPN router specifically geared towards small and medium-sized business environments, using the same Asuswrt firmware but with added vitamins, and it has even more built-in features.
ASUS BRT-AC828 Dual WAN VPN
The ASUS BRT-AC828 Dual WAN VPN Professional Router is a high-end device with really powerful hardware and firmware that has everything you need to use it in small and medium-sized businesses.
The main wireless features of this router are that it integrates simultaneous dual band with AC2600 Wi-Fi, it has a 2,4 GHz band capable of delivering a speed of up to 800 Mbps and in the 5 GHz band we can achieve a speeds up to 1 Mbps . This router has four external antennas in MIMO 4T4R configuration in the 2,4 GHz band, and four external antennas in MU-MIMO 4T4R configuration in the 5 GHz band, moreover, in this frequency band we can have 160 MHz channel width in 80 + 80 configuration. Of course, it also has Beamforming technology to focus the wireless signal on the clients and achieve maximum coverage and speed.