This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.
COURSE of the MONTH
10 days, 11 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
vpn firewall throughput
Posted on 2013-01-01
I have a Netgear ProSafe VPN Firewall (FVS 318) and it is still working.
The Internet service provider has upgraded their speed (for the same price), but I am not seeing the speed increase.
If I go directly from the cable modem to my computer, I get around 25Mbps. Once the Netgear firewall is in-line, my connected speed drops way back down to around 5Mbps.
I know almost nothing about cyber-security, and this piece of equipment was purchased on the recommendation of someone who did know - but that was several years ago. All I know is I want to be safe while Internet surfing and safe from cyber-attack (however unlikely.) Worms moving from computer to computer in the home network are still a concern too.
My home network is 5 (wired) nodes, and off one drop there is a wireless TP-Link router (TL-WA801ND) for my daughter's iPod connectivity.
The Netgear Firewall is 10/100, but does the "100" speed only apply to wired connections between nodes on my home network? (and NOT Internet?)
I now see that it "only" has 12.5Mbps throughput, so is that why the 25Mbps signal is dropped or rejected or whatever, and drops down to less than 5Mbps?
Can I turn of the VPN functionality (if that is wise) and get a faster throughput (making it a firewall/router) ?
Or, if I want to see the high speed from the Internet provider, do I need to upgrade to a different VPN Firewall, with faster throughput? (Like the Netgear FVS318G-100NAS0)
Any help will be appreciated. Remember, I am spewing out buzzwords, not understanding this technology at all.
Thanks,
Dennis
The Internet service provider has upgraded their speed (for the same price), but I am not seeing the speed increase.
If I go directly from the cable modem to my computer, I get around 25Mbps. Once the Netgear firewall is in-line, my connected speed drops way back down to around 5Mbps.
I know almost nothing about cyber-security, and this piece of equipment was purchased on the recommendation of someone who did know - but that was several years ago. All I know is I want to be safe while Internet surfing and safe from cyber-attack (however unlikely.) Worms moving from computer to computer in the home network are still a concern too.
My home network is 5 (wired) nodes, and off one drop there is a wireless TP-Link router (TL-WA801ND) for my daughter's iPod connectivity.
The Netgear Firewall is 10/100, but does the "100" speed only apply to wired connections between nodes on my home network? (and NOT Internet?)
I now see that it "only" has 12.5Mbps throughput, so is that why the 25Mbps signal is dropped or rejected or whatever, and drops down to less than 5Mbps?
Can I turn of the VPN functionality (if that is wise) and get a faster throughput (making it a firewall/router) ?
Or, if I want to see the high speed from the Internet provider, do I need to upgrade to a different VPN Firewall, with faster throughput? (Like the Netgear FVS318G-100NAS0)
Any help will be appreciated. Remember, I am spewing out buzzwords, not understanding this technology at all.
Thanks,
Dennis
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
6-
5
2
13 Comments
Active today
You may need to replace your router with a newer and faster router.
I had a Linksys RV042 router and as the cable supplier in my area gradually raised speeds to "as high as" 25Mbits/sec, I could only get 8Mbits/second through the router. I could get 20Mbits/second directly connected.
I replaced the router with a Cisco RV042G Gigabit router and I now get between 17 and 20Mbits throughput depending on time of day a load.
So a simple router upgrade did it. ... Thinkpads_User
I had a Linksys RV042 router and as the cable supplier in my area gradually raised speeds to "as high as" 25Mbits/sec, I could only get 8Mbits/second through the router. I could get 20Mbits/second directly connected.
I replaced the router with a Cisco RV042G Gigabit router and I now get between 17 and 20Mbits throughput depending on time of day a load.
So a simple router upgrade did it. ... Thinkpads_User
Thanks for the quick reply, Thinkpads_User.
My understanding of the VPN capabilities is so limited, I don't know if I even use the device as a VPN or not - however, it is a hardware firewall, and I don't want to give up that functionality.
So, I would at least be looking for a firewall-router, or a firewall-switch.
Dennis
My understanding of the VPN capabilities is so limited, I don't know if I even use the device as a VPN or not - however, it is a hardware firewall, and I don't want to give up that functionality.
So, I would at least be looking for a firewall-router, or a firewall-switch.
Dennis
Active today
I understood from your question that you also wanted the fastest internet speed. My response was to address that need.
Right now my fastest upload speed is still around 0.6Mbits/second, the VPN through my new RV042G is no faster than VPN through the older RV042. Both of these are hardware VPN devices and I have site to site tunnels connected to my main clients.
So a new router will not likely speed up VPN, but it probably will speed up browsing. I certainly am happy with my new router.
.... Thinkpads_User
Right now my fastest upload speed is still around 0.6Mbits/second, the VPN through my new RV042G is no faster than VPN through the older RV042. Both of these are hardware VPN devices and I have site to site tunnels connected to my main clients.
So a new router will not likely speed up VPN, but it probably will speed up browsing. I certainly am happy with my new router.
.... Thinkpads_User
Hi Thinkpads_User,
I appreciate your input. I kinda bounced around with my questions, but I am not looking for just a router, but rather want to keep the hardware firewall functionality.
Based on Netgear calling mine a "10/100", I was quite surprised to see it has a maximum throughput of 12.5Mbps (that is not how it was originally advertised - or I did not know what spec to look at.). And, I'm also surprised that my Internet didn't throttle back to fit that (even 12.5 would have been 2.5x faster than my current connection through the firewall.) The Internet dropped all the way beck to below 5Mbps.
The next Netgear in the line, at $139, the FGS318-100NAS has a 25Mbps throughput, but gets a lot of poor reviews.
So, I'm looking for recommendations for a relatively inexpensive hardware firewall-switch with at least a 25Mbps throughput. If I ever do need VPN functionality again I can (temporarily) plug in my old FVS318.
Thanks again for your assistance,
Dennis
I appreciate your input. I kinda bounced around with my questions, but I am not looking for just a router, but rather want to keep the hardware firewall functionality.
Based on Netgear calling mine a "10/100", I was quite surprised to see it has a maximum throughput of 12.5Mbps (that is not how it was originally advertised - or I did not know what spec to look at.). And, I'm also surprised that my Internet didn't throttle back to fit that (even 12.5 would have been 2.5x faster than my current connection through the firewall.) The Internet dropped all the way beck to below 5Mbps.
The next Netgear in the line, at $139, the FGS318-100NAS has a 25Mbps throughput, but gets a lot of poor reviews.
So, I'm looking for recommendations for a relatively inexpensive hardware firewall-switch with at least a 25Mbps throughput. If I ever do need VPN functionality again I can (temporarily) plug in my old FVS318.
Thanks again for your assistance,
Dennis
Active today
Where is your DHCP server?
Before getting the faster router (which includes my DHCP server), I got a 3-Com (HP) Gigabit switch. I had my Desktop plugged into the router and my laptop plugged into my switch. I was getting 100 Mbits/sec throughput (limited by the router). I moved the desktop to the switch and throughput promptly dropped in half. I concluded that the router (source of DHCP) plays a part.
I put the desktop back on the new faster router and now I get very high broadband speeds as well as very fast network transfers.
So my point is twofold then. A faster switch alone will not give faster transfers or broadband speeds, and, you need the fastest router (not switch) that you can get to obtain the best broadband speeds.
In my case, at least, all this stuff works together.
.... Thinkpads_User
Before getting the faster router (which includes my DHCP server), I got a 3-Com (HP) Gigabit switch. I had my Desktop plugged into the router and my laptop plugged into my switch. I was getting 100 Mbits/sec throughput (limited by the router). I moved the desktop to the switch and throughput promptly dropped in half. I concluded that the router (source of DHCP) plays a part.
I put the desktop back on the new faster router and now I get very high broadband speeds as well as very fast network transfers.
So my point is twofold then. A faster switch alone will not give faster transfers or broadband speeds, and, you need the fastest router (not switch) that you can get to obtain the best broadband speeds.
In my case, at least, all this stuff works together.
.... Thinkpads_User
Active today
If you want a good commercial firewall, look at the Juniper firewalls. The SSG5 is a good entry level firewall with good speed ratings. I use these at clients, but the Internet speeds are lower at this point so we have not taxed the Juniper boxes to their limits.
The SSG5 can work as a VPN firewall and also includes a router if you wish to use it.
.... Thinkpads_User
The SSG5 can work as a VPN firewall and also includes a router if you wish to use it.
.... Thinkpads_User
Active 2 days ago
Dennis,
You're pretty confused about the relationship between 10/100 and the speeds you're getting.
The 10/100 is a reference to hardware: at one time, ethernet connections could accommodate only 10mbits/second as a result of constraints imposed by the hardware.
More modern hardware could accommodate speeds of up to 100mbits/second.
And now even more modern hardware accommodates speeds of up to 1000mbits/second (gigabit).
The designation 10/100 means that your router will happily talk to either of the first two generations of hardware at the rate they are capable of talking. It'll also talk to gigabit-capable hardware, but the gigabit hardware will throttle back to accommodate you. That's irrelevant here, because your internet connection doesn't exceed 100mbits/second. So there's nothing about the 10/100 that creates a problem for you.
Your problem is that communications between LAN and WAN (the local network interface and the internet interface) on that particular router are capped at about 12.5mbits/second; this isn't a function of the 10/100 jacks, it's a function of the lack of brainpower (processing power) in the router. It just can't think fast enough to allow faster throughput (though it will allow much faster throughput between machines on your own local network).
So if your incoming internet speed is higher than 12.5mbits/second, you won't get the benefit of the additional speed using this router, and there's nothing you can do about it short of changing routers.
You are not using the VPN in this router at all. A VPN is a virtual private CONNECTION: it is a highly secure tunnel between two points. You only have one point: your router. The VPN would be used if you had two such routers at different offices that were talking to each other, or if you were using one of your laptops at Starbucks, and wanted to establish a secure connection to your home network. Either of those scenarios would be one where you would use the VPN...but that's not what you're doing.
EVERY router is a firewall, in that it discards incoming packets that weren't anticipated. There's no such thing as a router that is not a firewall.
So I would say that all you need is a router with faster LAN/WAN throughput; no need for a VPN router at all.
One that you might want to consider is a Cisco/Linksys RV042 or RV082; these workhorses were sold by the zillions, and are pretty well understood. The RV042 10/100 version (there's a gigabit version now, but it's probably overkill) will accommodate 54mbits/second incoming (WAN to LAN) and 80mbits/second outgoing (LAN to WAN).
You're pretty confused about the relationship between 10/100 and the speeds you're getting.
The 10/100 is a reference to hardware: at one time, ethernet connections could accommodate only 10mbits/second as a result of constraints imposed by the hardware.
More modern hardware could accommodate speeds of up to 100mbits/second.
And now even more modern hardware accommodates speeds of up to 1000mbits/second (gigabit).
The designation 10/100 means that your router will happily talk to either of the first two generations of hardware at the rate they are capable of talking. It'll also talk to gigabit-capable hardware, but the gigabit hardware will throttle back to accommodate you. That's irrelevant here, because your internet connection doesn't exceed 100mbits/second. So there's nothing about the 10/100 that creates a problem for you.
Your problem is that communications between LAN and WAN (the local network interface and the internet interface) on that particular router are capped at about 12.5mbits/second; this isn't a function of the 10/100 jacks, it's a function of the lack of brainpower (processing power) in the router. It just can't think fast enough to allow faster throughput (though it will allow much faster throughput between machines on your own local network).
So if your incoming internet speed is higher than 12.5mbits/second, you won't get the benefit of the additional speed using this router, and there's nothing you can do about it short of changing routers.
You are not using the VPN in this router at all. A VPN is a virtual private CONNECTION: it is a highly secure tunnel between two points. You only have one point: your router. The VPN would be used if you had two such routers at different offices that were talking to each other, or if you were using one of your laptops at Starbucks, and wanted to establish a secure connection to your home network. Either of those scenarios would be one where you would use the VPN...but that's not what you're doing.
EVERY router is a firewall, in that it discards incoming packets that weren't anticipated. There's no such thing as a router that is not a firewall.
So I would say that all you need is a router with faster LAN/WAN throughput; no need for a VPN router at all.
One that you might want to consider is a Cisco/Linksys RV042 or RV082; these workhorses were sold by the zillions, and are pretty well understood. The RV042 10/100 version (there's a gigabit version now, but it's probably overkill) will accommodate 54mbits/second incoming (WAN to LAN) and 80mbits/second outgoing (LAN to WAN).
Thinkpads_User,
Ooooohhhhh that Juniper is spendy! Yikes, over $500. This is for a home network, and I can't justify one at that cost (even if it is worth every penny.)
akahan,
Well now I am much less confused. Thank you.
I have not heard "every router is a firewall" before. Are there ANY advantages (real-world security) to a device hawked as a "hardware firewall" or is that just marketing/misnomer?
The Cisco/Linksys RV042 router you mention is 4 ports. I need 6 drops, so a switch with 8 ports seems like a good fit.
Any comments on the D-Link DSR-150 router? I cannot find much info on them, but at around $108, it is affordable (8 ports, 45Mbps firewall throughput, VPN throughput 25Mbps - if I ever need it)
(http://www.dlink.com/us/en
Dennis
Ooooohhhhh that Juniper is spendy! Yikes, over $500. This is for a home network, and I can't justify one at that cost (even if it is worth every penny.)
akahan,
Well now I am much less confused. Thank you.
I have not heard "every router is a firewall" before. Are there ANY advantages (real-world security) to a device hawked as a "hardware firewall" or is that just marketing/misnomer?
The Cisco/Linksys RV042 router you mention is 4 ports. I need 6 drops, so a switch with 8 ports seems like a good fit.
Any comments on the D-Link DSR-150 router? I cannot find much info on them, but at around $108, it is affordable (8 ports, 45Mbps firewall throughput, VPN throughput 25Mbps - if I ever need it)
(http://www.dlink.com/us/en
Dennis
Active 2 days ago
The RV082 has eight ports, and is otherwise pretty much the same as the RV042, so that'd probably do it for you.
And yup, EVERY router is a hardware firewall.
The DSR-150 has a single WAN interface. If you have only one internet service provider, that's fine. A reason to have dual WAN interfaces (as offered by the RV042 and RV082) is you can have multiple ISPs (Cable and ADSL, for example) with automatic failover...if one of them goes down, the router automatically switches to the other.
Other than that, it's quite feature rich, and certainly adequate for the application you're describing if it does what its specifications say it does; my caveat is that I haven't personally worked with it.
And yup, EVERY router is a hardware firewall.
The DSR-150 has a single WAN interface. If you have only one internet service provider, that's fine. A reason to have dual WAN interfaces (as offered by the RV042 and RV082) is you can have multiple ISPs (Cable and ADSL, for example) with automatic failover...if one of them goes down, the router automatically switches to the other.
Other than that, it's quite feature rich, and certainly adequate for the application you're describing if it does what its specifications say it does; my caveat is that I haven't personally worked with it.
Active today
I said above I use a Cisco RV042G which is brand new and very fast. I get full speeds on my network with it. Much less than a Juniper. There is an RV042 and an RV042G. Make sure to get the G model. I don't think there is a FV082G quite yet.
..... Thinkpads_User
..... Thinkpads_User
Thanks very much, thinkpads_user and akahan.<br /><br />At this time, and with my budget, the $108 pricetag on the D-Link DSR-150 Unified Services Router was the major factor over the $250 Cisco/Linksys RV082 (yes, I couldn't find a "-G" model to even get a price.)<br /><br />I ordered the D-Link unit (from Newegg, while they had that $108 price.)<br /><br />Dennis
Well, somehow I screwed-up on giving points. Wanted to give you both points, but as I got the most from the post of akahan (that was marked as the "accepted" solution), that was supposed to get 200 points and the other "assisted" solutions were supposed to get 100.
Thanks again for your help.
Dennis
Thanks again for your help.
Dennis
Featured Post
The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
The Email Laundry PDF encryption service allows companies to send confidential encrypted emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month10 days, 11 hours left to enroll
765 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.