Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Features


Updated 6/19/2007: Corrected PPTP information

The Park City Marriott, one day before the opening of The Sundance Film Festival:

Sheila was tall, pretty, and expensive-looking. "So what do YOU do for a living?" she asked.

"Nothing interesting," I replied.

Scoff if you will my brethren, but on a scale from "One" to "Boring," our noble profession ranks just above "Collectible Stamp Salesman" to these strange denizens of the Film Circuit. To prove my theory, I present an alternate line of dialogue:

"Well, I had three weeks to create a mixed-environment network of around 200 machines connected to what I have been told was an unreasonable amount of very expensive switches which linked to each other using STP..." I said.

"Stone Temple Pilots?" she asked.

"No. Spanning Tree Protocol," I replied.

To Sheila, this would not have gone over well; nor would my purgatorial debate over whether to use PPTP or IPsec.

I had pretty much hit the home stretch in the days leading up to the festival opening. The network was in place, with both the Media editors and the Office personnel functioning at acceptable levels. Productivity was up, and there were few complaints. All that remained was to implement the rest of the wireless network, and to create a VPN tunnel to their corporate headquarters, so that the massive amounts of information that were now being generated in ever-increasing volumes could be shared and archived back in California.

By this point, I knew that I would never be entirely satisfied with the network; no true network engineer ever should. Standards are approved, and new methods and protocols invented, on an almost-daily basis. Failing that, there are always about six thousand ways to do any one thing. You'll never have a network that's the end-all and be-all, because network development is a never-ending story. The best you can do is adapt your techniques to the situation at hand while keeping a sharp eye on the available technology

The VPN network had been in the back of my mind since the day I accepted the job. I made every decision regarding the construction of the network with the established protocols and policies of their home network in mind, so that my job would be much easier when it came time to establish the VPN tunnel.


An Elementary explanation of VPN.

Figure 1: An Elementary explanation of VPN.

A Virtual Private Network is basically a means of sharing data between a private network and a client over public space. Typical methods of connecting a VPN include using a modem to dial-in to the VPN server (Dial-Up VPN), where the phone line represents the vulnerable public space, and connecting to the VPN Server through the Internet. Once connected to the VPN, the client has access to all of the network resources they would if they were physically connected to the LAN.

There are many... many different types of VPN (and more are invented daily), but we shall focus on the two most-often used: PPTP and IPsec.

A PPTP Client is included on all current Windows releases.

Figure 2: A PPTP Client is included on all current Windows releases.

PPTP (Point-to-Point Tunneling Protocol) is by far the most popular and widely used implementation of VPN. Chances are, if you own a Windows-based machine that's less than twelve years old, YOU have a PPTP client built in—they've been featured in every release since Windows 95.

PPTP is run with two connections: a Point-to-Point Protocol (PPP) session using the Generic Routing Encapsulation (GRE) protocol to connect the client, and another connection to initiate and manage that session. The advantage of using PPTP is obvious: everyone has it and it is easy to configure. This also plays into its disadvantage: it's very common, and therefore easy to hack. (Not to mention the fact that PPTP authentication methods such as MS-CHAP are a potential weak link.)

IPsec is a set of protocols used for authentication and encryption. Basic IPsec doesn't bother to emulate a point-to-point private connection and therefore only supports routable protocols such as TCP/IP. However, many IPSEC implementations (especially for PC client remote access) implement some kind of layer-2 emulation via encapsulation for maximum flexibility and compatibility.

For our present application of connecting one network to another (using IPsec "Tunnel" mode as opposed to its "Transport" mode), IPsec would be more secure. However, the complexity of that security will come at the cost of processing power and bandwidth.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I just got a new Asus router and I installed Merlin and Diversion and so far it's looking amazing, big props to the developers.Anyway, stock Asus only...
v2.5.1 Updated 2020-05-10 Run an NTP server for your network. Graphs available for NTP accuracy on the Addons page of the WebUI.Inspired by kvic's p...
When using the latest Merlin 384.19 firmware, does the RT-AC88U have a tab in the wireless section for Wi-Fi radar. Nice tool that I have used with my...
WelcomeThis is Diversion - the Router Ad-Blocker for Asuswrt-Merlin All install and update infos are on the Diversion website.May 04 2020Diversion 4....
I'm still currently on AsusWRT Merlin 384.13 and trying to do a firmware upgrade to 384.19. I've downloaded the .trx file and tried updating the firmw...

Don't Miss These

  • 1
  • 2
  • 3