Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

VPN

The last button in the 9000VPN's bag of special tricks brings up its VPN functions. Both PPTP (Figure 10) and IPsec servers (Figure 11) are supported, with 10 connections allowed for PPTP and, theoretically, up 100 IPsec tunnels.

OvisLink MU-9000VPN PPTP server setup

Figure 10: PPTP server setup

I provide the "theoretically" caveat because my test of an IPsec router-to-router tunnel using a MU-9000VPN and its WMU-9000VPN wireless sibling yielded the disappointing results shown in the table below.

IPsec VPN Performance test results

Firmware Version:

1.01.039 Mon Jun 7 15:14:11 CST 2004

Test Description

Transfer Rate (Mbps)

[1MByte data size]

Response Time (msec)
[10 iterations 100Byte data size]

UDP stream 
[10S@500 kbps]

(Actual throughput- kbps)

(Lost data- %)

Local to Remote

0.736

 5 (avg)
6 (max)

221

52 %

Remote to Local

0.613

 10 (avg)
58 (max)

128

71 %

[Details of how we test can be found here.]

OvisLink MU-9000VPN IPsec server setup

Figure 11: IPsec server setup

This result isn't surprising, given that the Brecis processor that powers both 9000VPN's doesn't include an encryption co-processor.

The IPsec configuration parameters are minimal, though adequate for setting up a tunnel between two 9000VPNs as I did. Only 3DES encryption is supported, but you get a choice of MD5 or SHA1 for Authentication. Key Management is limited to IKE only, but you can enable Perfect Forward Secrecy (PFS) and set the key lifetime.

Updated 4 August 2004 OvisLink will be adding support for AES tunnel encryption in their version .41 firmware.

I should also note that the 9000VPN doesn't provide tunnel setup logging. You can only check the SPI (Security Parameters Index) information via the Show IPsec SPI Information button after setup to see whether anything appears. If the information is blank, however, you'll have no clue as to what is wrong with your setup.

Updated 4 August 2004
I retested the PPTP server portion of the 9000VPN using correct configuration information that OvisLink has incorporated into a stand-alone VPN Setup Guide (PDF), which also contains IPsec tunnel setup information. This time I was able to both establish a PPTP connection and run a set of Qcheck tests whose results are shown in the table below.

PPTP VPN Performance test results

Firmware Version:

1.01.039 Mon Jun 7 15:14:11 CST 2004

Test Description

Transfer Rate (Mbps)

[1MByte data size]

Response Time (msec)
[10 iterations 100Byte data size]

UDP stream 
[10S@500 kbps]

(Actual throughput- kbps)

(Lost data- %)

Local to Remote

3.6

 4 (avg)
6 (max)

499

0 %

Remote to Local

3.1

 5 (avg)
6 (max)

195

61 %

[Details of how we test can be found here.]

Throughput is significantly higher than what I obtained in my IPsec tunnel tests, primarily because the 9000VPN PPTP server uses encryption only for the login process and does not encrypt data traffic.

Fortunately, if you can't, or don't want to, use either the IPsec or PPTP servers, you can instead use VPN pass through with IPsec, PPTP or L2TP client applications. And if you want to run a different IPsec, PPTP or L2TP server on the 9000VPN's LAN side, OvisLink says the firewall will handle those protocols when you configure a firewall rule to expose the server.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

This is my first post. Not sure if it's in the right place. My router Rt-ac68r running latest Merlin 384.11_2 has shown a strange connected clients ma...
Hi,I'm currently on the lookout for a router that is capable of delivering speeds of 1000/1000 mbps in a small apartment (~ 350 sq ft) with only a liv...
How does one? I cannot find any guide that really explains things.I get this error:*** Error: No ext2|ext3|ext4 partitions available. Exiting...So I n...
About how fast is the AC66U-B1 or AC86U? with HW acc Disabled? WAN throughput wise? I couldn't find much other than with it most likely turned on from...
Anyone knows what this is all about?avahi_key_new() failedI get this a lot not a while and them it stops.A search on the forum reviled nothing.I keep ...

Don't Miss These

  • 1
  • 2
  • 3