1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Thinking about getting a WRV54G

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by TylerBrown, Mar 15, 2006.

  1. TylerBrown

    TylerBrown Network Guru Member

    I've been looking into getting a WRV54G from an online retailer, as it is the cheapest price I can find, however I'm getting more and more skeptical about this decision as I read these forums.

    I've got three computers here at home, two desktops and a laptop. Connecting everything together right now is a Linksys WRT54GS, with the laptop connecting wirelessly. I was looking to replace my WRT with the WRV so that I could also have VPN access to my home network from school.

    What does the future hold for the WRV54G? I've read good and bad reviews online by reputable sites as well as consumers... it's hard to tell what my experience is going to be like.

    Being a student I don't want to end up with a $180CAD box that can do what my WRT already can...

    Any help would be appreciated.
  2. DocLarge

    DocLarge Super Moderator Staff Member Member

    As of this time, if you load beta firmware 2.37.13 and buy the Linksys 7dbi High gain antennae for better reception, you're WRV54G will be solid, no kidding.

    You'll be able to use quickvpn, surf the web, and do the typical functions that you can do with the WRT54G. The only drawback which a few of us are trying to get corrected is the fact that NAT-T, AES, and GRE support are missing. With the way the WRV54G is configured, you'll never miss "any" of that seeing what you want it for. For those of us who are power users, these are features we expected to come with it when whe bought it, so our needs are different.

    Buy it, and use the suggestions I mentioned and you'll be fine. You can get both items from here:


  3. TylerBrown

    TylerBrown Network Guru Member

    Thanks for the quick reply. Could you perhaps quickly go over when I might make use of NAT-T, and GRE? I'm not familiar with these acronyms. I realize NAT stands for Network Address Translation... but I've never heard of NAT-T.

    Also... so that means that there are no problems with terminating a VPN connection at the router, providing access to the network without making use of a dedicated system?
  4. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    NAT-T stands for NAT Traversal. It defines a protocol whereby two VPN peers can detect the existence of a NAT'ng router somewhere on the route between them. This is important since ESP (Encapsulating Security Payload), which carries the encrypted IPSec traffic, uses neither TCP nor UDP for transport. This becomes a problem where the intermediate device requires TCP and UDP ports in order to create translations or in cases where non-TCP and non-UDP traffic is not tolerated / allowed by its access rules.

    NAT-T will masquerade the un-tolerated (?) ESP traffic by wrapping it 1st with UDP (port 4500, actually) which will make the traffic acceptable & translatable by the NAT box.

    GRE stands for Generic Routing Encapsulation. It, like ESP, is used to carry the encrypted traffic between VPN peers ....VPN peers which use the Point-to-Point Tunneling Protocol (PPTP). If a device such as the WRV54G will not pass this traffic through it then PPTP VPNs will not be able to connect in cases where either the VPN Server or the VPN client are on opposite sides of the router. Since PPTP architecture lacks the NAT-T fix described above, this is something of a show stopper. 99.9% of home gateway/router/firewalls support VPN pass-through. DocLarge is referring to the fact (I haven't checked this myself) that the $200+ WRV54G does not.

    To answer your last question, the WRV54G does a great job at terminating site-to-site VPNs. It's rock steady and fast in passing encrypted traffic between sites. Issues arise with remote access (ie: client/server VPNs) in cases where you put either your VPN "server" or the "client" behind NAT'ng devices. Since the underlying Linux operating system has not had its Free S/WAN IPSec VPN server patched for NAT-T it becomes a problem as noted earlier.

  5. DocLarge

    DocLarge Super Moderator Staff Member Member

    In addition to what Eric said, NAT-T and GRE have "always" been a problem with the WRV54G. However, quickvpn was Linksys's way of establishing vpn "without" utilizing those technologies, which was the purpose of this router; they basically wanted to create their own market for vpn support through quickvpn but didn't think it all the way through because in order to use quickvpn, you "literally" have to monitor "every" application you load on your computer or you'll never make the connection out (I learned this from experience and 8 months of no sleep until I got it right!!)


Share This Page