Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Features - more

Port forwarding on the TW100 has three options: Virtual Server; Special Application and DMZ. The Virtual Server menu is where Port Forwarding rules can be applied.  There are nine predefined traffic types, including AUTH, DNS, FTP, ISAKMP, POP3, SMTP, TELNET, and HTTP.  Up to 20 forwarding rules can be created to any of the predefined traffic types or a user-defined port and then enabled or disabled with a single click.  Figure 8 shows a port forwarding rule to direct FTP traffic to a specific server. Note that separate public and private port numbers can be set and one of 100 schedules can be applied to each rule.

Port forwarding rule for FTP

Figure 8: Port forwarding rule for FTP

Special Applications is where triggered port forwarding rules are created.  Specify an outbound port and inbound port, and the TW100 firewall will permit inbound traffic triggered by the specified outbound flow.  There are six predefined applications, including Battle.net, Dialpad, ICU II, MSN Gaming Zone, PC-to-Phone, and Quick Time 4.  Up to eight rules can be created so that any of the predefined applications will “trigger” the opening of the firewall to permit return or incoming traffic.  Custom triggering rules can also be created to any of the predefined application or a specified port and then enabled or disabled with a single click.

DMZ is also included in the TW100's suite of network security options.

An noted earlier, rules for Packet Filtering and Traffic Control can be enabled/disabled based on 100 customizable time schedules, allowing you to automatically enable and disable network management.  To facilitate time based schedules, the TW100 synchs with a network time server, ensuring it is running on accurate time, including adjusting for Daylight Savings Time.

Rounding out the TW100's firewall controls are simple check boxes to allow UPnP and IGMP traffic on the LAN, as well as to permit passthru of PPTP, L2TP, and IPsec traffic. The TW100 can also detect and block DoS attacks including SYN Attacks, WinNuke, Port Scans, Ping of Death, and Land Attacks. 

Overall, the TW100 firewall is simple to use, but relatively basic.  There are more advanced firewall options out there, but as I'll cover in the end of this review, not many VPN firewall  routers are as cost effective.

In addition to Firewall and VPN capability, the TW100 offers a few other features.  These options are configured in the Advanced Settings and Toolbox menus.  Advanced Settings provides configuration options for syslog, dynamic DNS support, Quality of Service (QoS) configuration, SNMP capability and basic routing support for static and dynamic (RIP v1 and v2) routes.  The Advanced Settings menu is also where schedules are created for use on firewall rules, discussed earlier.

I set up a simple syslog server using the free Kiwi syslog server and configured the TW100 to send its log messages to a PC.  I had to open UDP port 514 on the Windows firewall to allow the traffic to hit the syslog server, but then immediately saw messages coming in from the TW100, as shown in Figure 9.

Kiwi syslog server

Figure 9: Kiwi syslog server

The TW100 provides priority-based Quality of Service (QoS) for controlling upstream traffic  Configuration is done by entering an upstream bandwidth value, then specifying a traffic flow by local IP:port to remote IP:port and selecting priority High, Normal, or Low. 

I did a simple functional QoS test using iperf.  I set the TW100 upstream bandwidth to 10 Mbps, even though the WAN port was connected to a 100 Mbps port.  (In practice, you would set this equal to the maximum upstream bandwidth provided by your ISP.) Without QoS enabled, my LAN-WAN throughput was about 90 Mbps.  With QoS enabled and upstream bandwidth set to 10 Mbps, I saw LAN-WAN throughput at 9.65 Mbps, validating the 10 Mbps limit I set.  The High, Normal and Low settings would then be used to raise or lower priority for specific traffic flows during periods of high network traffic.

Upstream QoS

Figure 10: Upstream QoS

The Toolbox menu provides functions for firmware management, configuration backups, resetting the device to default, rebooting the device and a few other miscellaneous functions.  A nice feature in the miscellaneous menu is Wake-on-LAN functionality.

Wake-on-LAN with a VPN router is very handy and worked well for me on the TW100.  If you have a PC that supports Wake-on-LAN and want to access it remotely, you can save electricity and leave it off except when needed.  This is consistent with the "GREENnet" power saving feature mentioned earlier. 

To use the Wake-on-LAN feature, save the MAC address of your local PC that you want to access remotely in the Wake-on-LAN menu of the TW100 (Figure 11).  Then, VPN into your network, log in to the router, and click “Wake up” in the miscellaneous menu.  Your PC will turn on and once it completes its boot cycle, you'll be able to access it via Remote Desktop Connection or other remote protocols.

Wake On LAN configuration

Figure 11: Wake On LAN configuration

Missing from the TW100, however, is support for IPv6.  Although many of us may not need IPv6 in our small networks today, it's already here for others and will keep those users from purchasing the product.

Routing Performance

Routing performance for the TW100 using our standard test method and 1.00.02 firmware is summarized in Table 1. The 90 Mbps range speeds are essentially 100 Mbps wire speed, with the 141 Mbps total simultaneous result indicating that the routing section is capable of higher speeds than the 100 Mbps ports will support. And, speaking of simultaneous, the TW100 maxed out our simultaneous connection test at 34,925 sessions.

Test Description TW100-BRV214
Throughput - (Mbps)
WAN - LAN 93
LAN - WAN 92
Total Simultaneous 141
Maximum Simultaneous Connections 34,925 (test limit)
Firmware Version 1.00.02
Table 1: Routing throughput

The composite IxChariot plot in Figure 12 of the three routing tests below shows upstream routing has a bit higher variation than downlink.

TW100-BRV214 routing throughput

Figure 12: TW100-BRV214 routing throughput

Use the Router Charts for more comparisons.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

https://fccid.io/MSQ-RTAXI600
It appears that in the router settings/ui, this is under Firewall>Network Services Filter, but there are a few boxes that I am unsure how to fill, spe...
I am pleased to announce the release of CakeQOS-Merlin!Current Version: 1.0.2 (Changelog)CakeQOS-Merlin is a custom add-on for supported Asus routers ...
HiMy log is populated by noisyAug 12 02:36:46 RT-AX88U-OL hostapd: eth6: STA 84:25:19:72:7c:a0 IEEE 802.11: associatedAug 12 02:36:46 RT-AX88U-OL kern...
Here's a small sample:Code: Aug 11 04:37:38 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=34:a3:95:8c:4b:38:00:01:5c:9d:b2:46:08:00 SRC=139.59.58.115 ...

Don't Miss These

  • 1
  • 2
  • 3