Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

NAS Reviews

Firewall Features

Given the premium price that ioGEAR and Tritton are asking for their products, I was surprised to find the products' firewalls both missing important capabilities and buggy in the features they did have. But in the interest of trying to stay positive, I'll cover the better stuff first.

The ASAP / BOSS has two capabilities not typically included in consumer routers - Multiple NAT and IP Alias. Multiple NAT allows users that have multiple public IP address from their ISP to assign specific LAN clients to share a particular public IP address. This is mostly useful for business users and most useful for distributing server load.

The IP Alias feature - a first for me - lets you have LAN clients in up to three IP address ranges in addition to the 172.16.1.X or 192.168.2.X supported by the ASAP and BOSS' default settings. This could be handy for larger networks, or those with statically assigned IP addresses.

You also get to control some of the Stateful Packet Inspection (SPI) aspects of the firewall via the Denial of Service page (Figure 5).

BOSS Denial of Service settings

Figure 5: BOSS Denial of Service settings

Access to Internet services is controlled by the IP Filter capability, which provides five sets of IP address ranges that can each have four single ports and one port range blocked (Figure 6). But since the IP Filter Group must be specified in "slash" notation (example / 24), you're pretty much limited to having the filters apply to all clients on your LAN - not very helpful.

BOSS IP filter settings

Figure 6: BOSS IP filter settings

From these high points, however, the firewall feature set heads steadily downhill. First, you can forward only ten, single, static IP addresses via the Virtual Server feature, and neither port ranges, nor triggered mapping nor "loopback" is supported. You currently can't even make up for the miserly number of forwarded ports by using DMZ, since it's not available either. When I asked about these missing features, ioGEAR said they will be added in a future firmware release, while Tritton would say only that they'll "look into" adding the features.

Next, though you get ten URL filters, they aren't very robust. You can't enter keywords and instead must enter URLs with a .com, .net, etc. (i.e. "" not just "yahoo"). I found that sub-domains (i.e. are not automatically handled and you can't enter a sub-domain wildcard (i.e. * either. By the way, note that the URL filters, IP filters and Virtual Servers aren't schedulable, a feature found on routers costing far less.

The worst "feature", however, is the major security hole opened as soon as you enable the ASAP / BOSS' file sharing features. I'll describe that later in the File Sharing section, but for now, let's move on to the VPN features and performance.

More NAS

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Ever since i upgraded to the 384.11 build i'm facing issues with PPPOE connection dropping . I started using PPPOE since that version , before i used ...
Sometimes the situation may arrive when your Samsung printer stops working. This is an indication of some risky activity. The reason may be the techni...
So I have had the RBK23 for a few months now but just opened the box as we moved into our new house. I have had so many issues since installing it's d...
I want to setup a router for Dual Band-TeamingI'm thinking of buying a Asus RT-AC68U or a NETGEAR Nighthawk X4S AC2600 R7800Is one better for a Teamin...
1. Primary Router must be Merlin latest release. Download from the website. After flashing, Enable SSH in administration>system. Enable WAN+LAN option...

Don't Miss These

  • 1
  • 2
  • 3