Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

VPN

As I said previously, the Plus is the only one of the under $100 VPN endpoint routers to support both PPTP and IPsec tunnels. I found the PPTP setup harder to figure out (although I have to admit I haven't had to futz much with PPTP setups previously), but had better throughput than the IPsec. But let's start with a walkthrough of the IPsec capabilities.

The big complaint about most of the inexpensive VPN endpoint routers is that people have a hard time connecting them to anything other than another of the same make and model router. In the first place, manufacturers don't want to take on the support liability of saying that that their product will work with someone else's. This costs them time and money in support calls, and at the prices that these products sell for (and the fact that support is not charged for), that gets to be a losing proposition pretty quickly. Add in the fact that the manufacturers would have to test the combinations that they say they support, and you can see why most steer clear of the subject.

In the Plus' case, a look at Figure 3 shows that the IPsec setup parameters are even more limited than those offered by competitive products, so you may have even a harder time doing anything other than connecting to another Plus to form a tunnel. On the other hand, connecting to other PPTP-based products may be fine, since it seems like SMC paid more attention to detail in the PPTP implementation, and since PPTP has fewer tunnel setup options than IPsec does.

SMC7004FW: IPsec setup screen

Figure 3: IPsec setup
(click on the image for a full-sized view)

In addition, the IPsec setup instructions in the Barricade Plus VPN IPSEC & PPTP Configuration Guide describe only a router-to-router subnet-to-subnet configuration. Although you can probably configure a tunnel using single IP addresses, you can't configure tunnels using ranges of IP addresses. You also can't set the Plus to connect to a remote gateway ("Security Gateway") using a domain name, or dynamic IP address.

Although you can choose between DES (56 bit), 3DES (168 bit), or disabling Encryption, and MD5, SHA, or disabling Authentication, your Key Management options are limited to setting the SPI (Security Parameter Index) value. This means no IKE, no Pre-shared Key, and no Key Lifetime parameters. PFS (Perfect Forward Secrecy) is not an option either, nor is the ability to control what happens in Phase 1 and 2 of the IPsec tunnel setup or handle Main and Aggressive mode settings.

Fortunately, it seems that NetBIOS broadcast (for Microsoft Network browsing) seems to be enabled by default for both IPsec and PPTP tunnels. This is something that I think all consumer VPN endpoint routers should do, since the "Can I see the guys on the other side of the tunnel?" test is the first thing most people try! It was nice to see machines on the other side of the tunnel in My Network Places / Network Neighborhood shortly after the tunnel was established without having to hunt for any additional settings.

I was lucky that I had done router-to-router IPsec setups before because my settings worked the first time. If they hadn't, I would have been in trouble because there is no logging of IPsec tunnel setup, and no ability to connect or disconnect the tunnels! The only indication of tunnel operation you get is on the Status Screen (Figure 5). I guess the Plus is pretty tenacious in terms of maintaining tunnels, because there's no setting allowing you to auto-reconnect or timeout a connection. The Plus automatically connected as soon as I enabled the tunnel on both ends and stayed connected until I disabled the Tunnel setting.

The bottom line is that the three IPsec tunnels that the Plus can handle will most likely be limited to connections between Pluses, with only the stout-of-Networking-heart attempting tunnels with individual VPN clients or other vendors' products!

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

After 4 days, Port Forwarding rule disappears from router. It can be easily reentered and will persist for approximately the same period, before disap...
I live in a complex that has great broadband. I have been annoyed with my Linksys's inability to keep things running, and since my alexa stuff does no...
Hello to everybody from Italy. It's my first postI recently picked up an DSL-AC68U and installed merlin. For now the only issued that i encountered is...
Hello,Just bought a brand new AX88U router. My issue is connecting to the 2.4ghz band. If I am right next to the router it works fine but if I move to...
Greetings,Just setup a R6700V3 to replace an 8 year old D-Link 655. Roku Premiere was killing the 655 every 4-24 hours.My Windows 10 PC connects via e...

Don't Miss These

  • 1
  • 2
  • 3