Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

VPN

The FVS318G supports up to five Site-to-Site and Client-to-Site IPsec tunnels (total, not each).  All typical encryption algorithms are supported, including DES, 3DES, AES-128, AES-192, and AES-256. 

The 318G comes with a single license for NETGEAR's ProSafe VPN Client software, version 10.8.3, which installed easily on my Windows Vista laptop.  The ProSafe VPN Client is a NETGEAR-branded version of SafeNet's SoftRemote software (Figure 12) , which SafeNet lists on their website for $149 / license. 

VPN client info

Figure 12: VPN client info

Unlike the 336G, the 318G doesn't also support Client-to-Site SSL VPN tunnels, which provide secure access via web browser, or browser-downloaded applet. (However, I must point out that I recently had trouble with my 336G's SSL VPN certificate, and haven't been able to get it resolved.)

I was pleasantly surprised at how easy it was to configure an IPSec Client-to-Site tunnel on the 318G.  I used NETGEAR's Wizard to set up the router's VPN Client configurations, and I found the NETGEAR manual useful in walking me through the configurations on the ProSafe Client Software.  It took only a couple minutes to create the IKE and VPN policies on the router, install and configure the software on my laptop, and make a connection. 

As with the 336G, NETGEAR offers a Mode Config option that allows remote VPN clients to be assigned an IP address in a different subnet than the devices on the LAN.  This is a useful feature to restrict remote clients from accessing various services on the LAN.

I liked the fact that the 318G has a pop-up window within its menus that shows all the default values used by the VPN Wizard (Figure 13).  One of the biggest challenges in configuring VPN tunnels is getting all the values on both ends to match.  Matching values can be difficult when the end devices, such as a router and client software, have different field names and menu locations for the various values.  So NETGEAR's pop-up display listing the default values is very handy.

VPN wizard defaults

Figure 13: VPN wizard defaults

However, it would be more useful if all the values shown in the pop-up matched all the values used by the Wizard.  The pop-up says the wizard's default local and remote WAN ID values are fvx_local.com and fvx_remote.com as shown in Figure 13.  Unfortunately, the 318G’s actual default local and remote WAN ID values are fvs318g_local.com and fvs318g_remote.com

I caught this error when configuring my IPSec VPN Client tunnel. But folks less experienced with IPsec setup might not have caught it. I hope NETGEAR sorts this out in a firmware update.

I had no problem setting up an IPSec Site-to-Site tunnel between an FVS318G and an FVS336G.  Since both are NETGEAR routers with similar menus, I used the VPN Wizard on both to create and enable a tunnel in minutes. 

I also set up an IPSec Site-to-Site tunnel between the 318G and a ZyXEL USG100 to see if the NETGEAR would play well with another brand.  It did, and was also quick and easy, using the VPN Wizards on both the NETGEAR and the ZyXEL to set up the configurations.

The FVS318G is rated to support up to 5 simultaneous IPSec VPN tunnels.  Using my two other VPN routers, I was able to run 2 simultaneous Site-to-Site tunnels and a Client-to-Site tunnel for a total of 3 simultaneous IPSec VPN tunnels on the 318G (Figure 14).

Three tunnels up

Figure 14: Three tunnels up

Additional VPN features on the 318G include the ability to add new certificates for security identification.  NETGEAR includes a self-signed certificate, which worked fine for my IPSec VPN tests, but isn't as secure as a certificate signed by a third party.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

https://fccid.io/MSQ-RTAXI600
Asuswrt-Merlin 384.19 beta is now available (except for the RT-AX56U which won't be available for this release, due to outdated GPL code).Aug 9th: Bet...
Hello. After updating to the latest _18 firmware, I could no longer pull my full gigabit wan to lan. It seems to cap out around 620-650. This is with ...
Hi all,I have an RT-AC68P router set up as my main mesh node and an RT-AC68U as the client mesh node. It seems one of these is acting up. I get freque...
i have an asus rog rapture gt-ac5300. it was working fine when suddenly there was a power interruption that cause may router to soft brick... cant acc...

Don't Miss These

  • 1
  • 2
  • 3