Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Interfaces

Of the USG100’s seven Gigabit interfaces, the first two ports are designated as WAN interfaces and the other five separate internal traffic into various LANs. Even though the WAN ports will likely be connected at far lower speeds than 1000 Mbps, it is encouraging to have this level of functionality in all ports on a router. MTU is adjustable by interface, but only from 576-1500 bytes; jumbo frames are not an option.

The default configuration has Ports 1 and 2 designated for WAN connections, Ports 3 and 4 for LAN1, Port 5 is for LAN2, Port 6 for a wireless LAN intended to connect to an Access Point, and Port 7 for the DMZ. Ports 3-7 can be reconfigured to any of these four designations, though, as shown in Figure 5 below.

Port Assignment

Figure 5: Port Assignment

As you can see in the status screen in Figure 6, there are different subnets for the LAN1, LAN2, WLAN, and DMZ interfaces. The value in running different subnets for each of the LANs is the ability to control traffic between each of your networks using Firewall rules which can be applied by interface, IP, or subnet.

Interfaces
Click to enlarge image

Figure 6: Interfaces

In addition to the seven gigabit Ethernet interfaces, the PCMCIA slot on the back of the USG100 will support a 3G WWAN card or an 802.11b/g WLAN card. Further, a 3G USB WWAN device can be connected to one of the two USB ports on the front of the USG100.

VLANs

Dividing a network into multiple subnets effectively provides the value of VLAN broadcast control without using expensive managed switches. With the above configuration on my test USG100, a PC connected to an unmanaged switch off the LAN1 interface received an IP in the 192.168.21.0/24 subnet, while a  PC connected to another unmanaged switch off the DMZ interface received an IP in the 192.168.13.0/24 subnet.

Further, multiple VLANs can be configured on a single USG100 interface, allowing the USG100 to be connected to a managed switch that supports 802.1q VLANs. The USG100 can then be configured with different DHCP servers per VLAN, enabling 1-1 subnet to VLAN network mapping.

I tested this functionality by configuring two different VLANs on the LAN1 interface of the USG100 with separate DHCP servers for each VLAN as listed in Figure 7 below. I then configured a Netgear GS716T managed switch with the same VLANs, and assigned the new VLANs to two different ports on the switch.

Interfaces
Click to enlarge image

Figure 7: VLANs

There were a few more configurations applied in the GS716T. But the end result was I could plug a PC into the appropriate ports of the GS716T and get an IP addresses corresponding to the VLAN assignments in the USG100, validating the USG100's recognition of 802.1q VLAN tags.

Routing

Configurable routing options include Policy Routes, Static Routes, RIP and OSPF. Policy Routes are the workhorse for controlling traffic through the USG100. The Policy Route option in the USG100 allows for defining traffic paths based on incoming interface, source and destination subnets, service (protocol), and a next-hop destinations such as an interface or IP.

In Figure 8, I've configured the top Policy Route to route traffic to a subnet behind another router. The traffic being routed is originating on the LAN2_SUBNET (192.168.3.0/24) and going to a subnet behind another router, defined by an object I created called DFLLAN (192.168.10.0/24). The next-hop for this traffic is the IP address of the other router, which I created in an object called DFL.

Policy Routes
Click to enlarge image

Figure 8: Policy Routes

 

The second Policy Route shown in Figure 8 is to route traffic over the VPN tunnel. This configuration specifies that traffic originating from my internal subnet (LAN2_SUBNET) going to a remote subnet (ZLAN) accessible over the VPN tunnel is reachable via an object called ZVNTest, which specifies the IP address at the other end of my VPN tunnel.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I'm having an issue I'm hoping someone can help me with. I have several media devices in my home which all connect to my Asus RT-AC88U router on the 5...
My friend just bought the R8000 for $224.99 but could have got the R8000P for $243.99He's not very techy. He need just reliability and range. Should I...
hello guys i have a question befor buy asus ax88u. Can i select which device must use vpn or not? thank you
Hi everyone,Finally! I am in this forum, glad to meet and mingle with each and everyone of you. See you around guys!
I have an APC Back-UPS connected via USB to my Qnap NAS but I'd like to move it to my RT-AC87U running 384.13_1, which would then notify power events ...

Don't Miss These

  • 1
  • 2
  • 3