1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRVS4400N <> WRVS4400N VPN tunnel fails during large transfers

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by manniongeo, Jan 4, 2009.

  1. manniongeo

    manniongeo LI Guru Member

    Hello,

    I recently encountered a new problem (on top of the myriad existing problems) with my two WRVS4400N v1.0 routers with which I would appreciate your input.

    The two devices are installed in two remote offices (on in Connecticut, CT, and one in Maine, ME). A few months back, I managed to create a VPN tunnel between the two, and have had moderate success performing basic remote assistance over that connection using programs like Windows Remote Desktop and UltraVNC. I say "moderate" because, overall, these routers are maddeningly unstable. I can, however, typically use the VPN tunnel normally for a few days on end before having to reboot and/or reconfigure one of the routers.

    Last week, I got a little more ambitious and attempted to replicate several tens-of-gigabytes of data from the CT office to the ME office using a simple file system synchronization tool (GoodSync). Over our cable connections, I expected that it would take about 2 weeks to get the initial bulk of the data copied. Once the baseline is established, the incremental changes should copy quickly overnight a few times per week.

    To avoid clogging up the connections with the large initial transfer during working hours, I set up some smaller jobs to run overnight for the next few days. Each should run for roughly 12 hours. I've been babysitting them for the first few hours while working on various local tasks, during which time the copy operations have been moving along nicely.

    Now for the problem.

    When I return to the office each morning, without fail, the copy job has failed due to the VPN tunnel being down. In each case, one of the two routers has crashed (each router appears to crash about as frequently as the other). At a glance, the front panel lights look normal, but the offending device is entirely unresponsive for local or Internet connections. Also, the router configuration page is inaccessible either locally or remotely.

    Unplugging and re-connecting the power fixes the problem, and restores normal local, Internet, and VPN connections.

    Naturally, my question is:

    QUESTION: How can I prevent the router(s) from crashing during large transfers over the VPN tunnel?

    I am running the v1.01.03 firmware from the Linksys web site. I've read on this forum that there are a few beta versions available (.08, .12), which I have downloaded but not installed. While I am an IT professional by trade (primarily DBA; somewhat system admin), my networking knowledge is limited to having read copious RFCs in my spare time during college in the early '90s. Needless to say, things like firewalls and VPNs weren't widely used in those pre-WWW days, so my modern skills are a hodgepodge of tidbits gleaned from linksysinfo.org and similar forums.

    At any rate, the point is that I would be happy to, and probably capable of, installing one of the beta firmware releases. Not knowing a heck of a lot about VPNs, though, I expect that I wouldn't recognize signs of trouble that would be obvious to a more experienced user. I'd appreciate any feedback on whether you think it would be worthwhile trying a newer firmware, or whether I'd be inviting trouble.

    Additionally, I'd be happy to provide more details, but I don't really know what else to say about my configuration just yet. If there is useful information that I've left out, please ask and I'll post an update.

    Thank you, in advance, for your assistance with this issue - and for the large repository of helpful tips on linksysinfo.org.

    -Michael
     
  2. kspare

    kspare Computer Guy Staff Member Member

    I'll tell you what I tell everyone else....

    I was part of the team beta testing this router.

    It's junk and it will never amount to anything.

    Pick up 2 wrv54g's or get 2 cisco 871w's

    Thats been my standard router choice for 5 years now and they don't ever let me down.

    Doclarge convinced me to try my 4400 again with the new firmware and yet again, the vpn drops, the wifi dropped..etc etc.

    the ONLY flaw with the wrv54g is that the wifi on occasion will hang. it's wifi is NOT 100%.

    If a customer needs that, I get them the cisco 871w and I never have to deal with the problem again.

    Same goes for the vpn client, 871w, and I never look back, customer never complains, problem solved.
     
  3. DocLarge

    DocLarge Super Moderator Staff Member Member

    Pay no attention to my esteemed and greatly cynical cohort :) He "cheesed off" the project manager of that device in their initial meeting and the guy probably sent him a WRVS4400N that ran under microscopic "hamster" power and the little buggers left turds on the processor...

    Personally, I'm still running 1.1.08 with my WRVS4400N and it is currently running an IPSEC tunnel to my to my 871w (I have a DSL connection and a cable modem connection for testing at home) and the tunnel is holding up fine. Also, if I may add, I got one of the "first" WRVS4400N's that were deployed, so I may actually have one of the few functioning versions...

    As Kpare said, we tested the thing exstensively, but after some time, folks through in the towel... I've had nothing but solid performance from this router with my current firmware. This thing was up for 65 days straight before we had a power outage and it recycled.

    Overall, me likey!!!! Upgrade your device to .08 and it will stable out tremendously.

    Jay

    P.S.

    I bought my 871w because I needed a (then) newer router for home/business use, but having an 871w doesn't hurt nor is necessary if your WRVS4400n has the proper firmware...
     
  4. kspare

    kspare Computer Guy Staff Member Member

    I should note, you are the ONLY person in the test group satisfied with this router.

    I've yet to see it work flawlessly.
     
  5. DocLarge

    DocLarge Super Moderator Staff Member Member

    Sheesh, you and I were the only ones WITH the router :) apart from you and I along with the other guys owning/testing the wrv210. Based on that, the odds say there's a 50/50 chance for success or failure with the wrvs4400n, meaning good odds.

    Note: I got the good odd (50 percent success) hee, hee, hee

    Oh, something Kspare and I both forgot to mention is that if you are planning on grabbin a wrv54g, do it quick. They are getting ready to discontinue that model sometime this year. The good thing about the wrv54g is that it had an intel processor and vpn was done via hardware and not software like the wrv200/210 and WRVS4400n/RVS4000n. "If" you were to grab a wrv54g, the firmware to use is 2.37.13; it's a beta, but it was "THE" stable firmware for that router...

    Jay
     
  6. kspare

    kspare Computer Guy Staff Member Member

    If you came into my business telling me that you want to supply me with a router for $200 that means i've go 50/50 odds of working + the time for you to screw around diagnosing etc to try and make it work, not to mention the wasted business time of employee's etc, vs spending a couple hundred more for a 871w that will simply work no questions asked. You'd be out on your ass faster than you could spell linksys. 50/50 is NOT good odds when it comes to business continuity. It's a POS. The fact that you still stand by a router that is of this quality still baffles me. It's junk, just like the wrv200 and the 210.
     
  7. Toxic

    Toxic Administrator Staff Member

    are we really gonna fall out over a a piece of plastic guys? agree to disagree ;)
     
  8. kspare

    kspare Computer Guy Staff Member Member

    My stance will never change. the 4400 and the wrv200/210 are not reliable routers, I can prove tihs over and over again. People need to know this so they don't waste their time and money trying to make something work that will never work, having someone say well they work 50/50 of the time gives someone false hope, when the whole point of this forum is the advise people. The problems some of these people with this router simply will not go away as much as doclarge wants to sugar coat it. If his works, Great, he should also pick up a lotto ticket too, but for the many others that can't get it working, or have it working and it's crashing, they should know they are wasting their time trying to get it to work. I just find it sad when people put so much effort into finding creative ways to automatically power cycle a router just to make it work, when they could have just bought a 871 cisco router and have it just sit there and do what it's supposed to do.....different ways of thinking I guess.
     
  9. manniongeo

    manniongeo LI Guru Member

    Well, as long as there's a consensus...

    Firstly, thank you both for your suggestions, and your analysis of the larger context.

    kspare, I wholeheartedly agree with your perspective on business continuity and the opportunity cost of futzing around with a sub-optimal solution. Since going into business for myself 5 years ago, I've retired from the platform holy wars. At this point, I don't care whether I'm running Windows or Linux or MacOS, or Intel or AMD, or IIS or Apache - or a WRVS4400N or 871w or WRV54G - I just want my stuff to work so I can get back to the business of making a living.

    Unfortunately, the WRVS4400N has been one of the more persistent distractions from that endeavor. If I knew then what I know now, I would have made another choice; I could have afforded to buy a pallet of 871w's if I was billable during the time I've spent trying to keep the WRVS4400N running.

    That said, I can't undo what's already been done. Also, I'm not in a position to replace these devices with new hardware right now. So, DocLarge, based on your success with the .08 firmware, I'm going to forge ahead and upgrade both routers. At least we know that it is possible for these devices to work well; we'll see if I can manage to replicate your success. My eyes are open (or, at least, opening) and my expectations are low, so there's nowhere to go but up.

    Oh, before I leave, if I could add one more drop of fuel to the fire, I mentioned in my first post that I also have a copy of the .12 beta firmware (along with the .08). Just to be sure, so I don't have to do this twice:

    Q: DocLarge, do you still recommend that I use .08 in light of the availability of .12?

    Thanks for the clarification.

    -Michael
     
  10. kspare

    kspare Computer Guy Staff Member Member

    Just so you know I was running the .13 beta.

    Just for arguments sake i'll grab a copy of .08 as jay suggests to see how it works.
     
  11. Toxic

    Toxic Administrator Staff Member

    i'll put v1.1.13 up on the site for you guys tomorrow.
     
  12. Toxic

    Toxic Administrator Staff Member

  13. manniongeo

    manniongeo LI Guru Member

    Toxic,

    Thanks for the new firmware!

    Coincidentally, I installed .08 earlier today. I've transferred about 2G across the VPN so far with no crashes; so far so good. We'll see how it does overnight.

    Would you recommend upgrading from .08 to .13 at this point?

    I ask because when I was originally researching my issue, I found myriad postings for various routers (including this one) where folks had to downgrade to get rid of problems with newer firmware. I don't want to assume that .13 is better than .08 just because it's newer. If you've had success running it, though, I'll try it out tomorrow.

    Thanks,

    -Michael
     
  14. DocLarge

    DocLarge Super Moderator Staff Member Member

    Pardon me for being late...

    Manniongeo, while I will agree to disagree as Simon suggested :) , you're most likely seeing what I've spoken of; .08 is solid performer. Hey, Kspare and I will probably never agree on the WRVS4400n, but that's only because he's had some misfortune with a few of Linksys's "touted" products. Personally, I've had continuing good luck. The WRV200 testing was probably the most "arduous" testing because it took 10 months of our time to see the wrv200 was a dud. My biggest reason for not using the wrv210 is that it does not use port redirection, "but" the wrvs4400n does. Also, the wrvs4400n runs up to gigabit speeds.

    Stay with .08 until something better comes along. This is the most stable firmware for right now that I can see. If it still doesn't work, then the problem is your router. I have no doubt there is a defective batch out here because too many people are complaining about issues I've "NEVER" seen with mine (i.e, overheating, high pitched whining, etc...)

    In regards to betatesting the wrv200, it's not that the wrv200 wasn't a decent router, it just didn't have a strong design (nice concept, though). To this date, the WRV54G was "THE" best hardware based router linksys made for SOHO, the just didn't put enough time into cultivating it.

    Once I started using the wrvs4400n (and loaded a decent firmware) I found this router to be good for home use and small office. Hey, some will rant dislike, I'll rave my "like" for this router. In the end, mine works so there's no evil I can say...for now!!

    DUM-DUM-DAAAAAAAAAAHHHHHH!!! [Insert cymbal crash here]

    Jay
     
  15. Sandokan

    Sandokan Addicted to LI Member

    Same problem with 1.01.13 firmware.
    Actually the 1.01.08 version is the most stable.

    Nothing to do... Linksys... :thumbdown:

    Sandokan.
     
  16. manniongeo

    manniongeo LI Guru Member

    OK, got it. After 2 nights of 2-3 GB overnight transfers with no problems, I'm extremely happy with .08. I'll stick with this release until I see a consensus that another version is both markedly better and at least equally stable.


    Regarding the noise, I have one observation that I can substantiate with copious empirical (though only incidental) research - it depends on the individual as to whether 1) they can hear the noise at all, and 2) whether the noise is problematic for them.

    There may, indeed, be some routers that make the noise and some that do not; I'm not disputing that point. I can say with certainty, though, that both of mine make the noise, and some days I want to blow my own head off just so I don't have to listen to it anymore. Especially in the CT office where there is less fan noise from other machines, it is literally unbearable for me to work for extended periods; I have to turn on the radio or something.

    That said, neither of my parents (60+ years old) can hear it at all. I didn't believe them at first because the sound is so obvious to me. But, after a year of watching/talking to them while working around the router, I really think they just can't hear it.

    My wife is a speech therapist, and she informs me that hearing loss in this upper frequency range is common as we age. Now at least I have something to look forward to in old age :wink:

    Speaking of her, my wife can hear the noise, but it doesn't bother her. I attribute this more to temperament than biology. She's supremely even-keeled. I'm easily-agitated. That's why her desk is closer to the router :biggrin:



    Thanks to everyone that offered their time and advice (and software!) on this thread. This has made a substantive difference in my ability to operate, and I couldn't have done it alone (as evidenced by the past year of things not working correctly). Have a safe, prosperous, and happy new year.

    -Michael
     
  17. I am surprised that no one has realised this before but the noise generated by the router (Mainly from the coil windings) is due to poor supply of power. I would hazard a guess that the router was designed in the US (120v) and that the majority of issues, if not all, occur with routers outside of the US in 220-240v countries. You may even find that the noise increases with router activity as more current is drawn.

    The solution is simple. Use a better quality higher current PSU. It has worked everytime for me so far. I could not personally stand the noise generated as a result of the stock PSU so I know how annoying it can be.

    Cheers,

    Tony.
     
  18. manniongeo

    manniongeo LI Guru Member

    Different power supply didn't help

    Anthony-Howard,

    I am in the U.S. (120V), and hear the noise problem. As you describe, it does fluctuate as along with network activity at a rapid pace, apparently in synchrony with the flashing lights on the front panel.

    According to the WRVS4400N User Guide, the unit is rated for 12V 1A. I just tried a different power supply, rated for 12V 1.7A, and observed the same high-pitched whining noise.

    In both cases, the power supplies were plugged into my APC SUA-1500 UPS. This is a pretty nice UPS, and has actually stopped (for the past year now) what had previously become a very costly and very annoying string of fried electronics down in the CT office due to dirty power to the building (IMHO).

    So, I have good power via the UPS, and am observing the same noise with two different power supplies, one rated for 70% higher throughput than the router needs. The common variable is the router, itself, so I continue to attribute it to a problem with that device.

    I'm neither an electrician nor an electrical engineer, so if I'm off base please let me know and I'll try again. I have a beefier 12V bench power supply from Radio Shack that I could rig a positive-tip connector to. I also have a handful of old desktop computer power supplies (which I finally figured how to turn on by shorting the PS_ON pin) that would certainly supply enough power.

    I'm hesitant about possibly frying my router due to my mediocre hobby electronics skills, but I'll give it a shot if you can convince me that it might help. From scouring the web about this topic in the past, I know that there are a lot of WRVS4400N users out there who would appreciate a step-by-step fix to eliminate the noise - no to mention Linksys, itself, who has apparently been sending out copious numbers of replacement devices in unsuccessful attempts to mitigate the whining (from the routers or the customers, I'm not sure).

    -Michael
     
  19. DocLarge

    DocLarge Super Moderator Staff Member Member

    Kspare, my I.T. brethren,

    are you getting this? Was it....."Extremely Happy" I heard the man say?

    In your face, Dick Tracy!!!! Ba-da-bing, ba-da-boom!!! :) (Jay shakes his money maker)
    That would be my azz for you "un-hip" folks :)

    The WRVS4400N mogul sends.....
     
  20. kspare

    kspare Computer Guy Staff Member Member

    Small victories my friend.... I'll even see if mine works, but in the end its alot of BS for someone to go through, tinkering at home is one thing, applying it to a business where your reputation is on the line is another. Similar to what I said before, if you had put this solution on my office, i'd be looking for a new IT guy or you'd be spending so much FREE labour trying to make it work you'd quit. It's still a joke.
     
  21. DocLarge

    DocLarge Super Moderator Staff Member Member

    What?!?! You still haven't tried it??? *GASP* Com'on, man, just let yourself "believe..."

    < Jay raises his hand to summon the essence of obi-wan>

    Feel the presence of the wrvs4400n around you :)

    Let's "crank this mother up" for a second, shall we? I shall initiate the assistance of my I.T. partner in crime Kspare.

    The action: Kspare (if he's game) and I will attempt to tranfer a GB file (or larger) between his WRVS4400n and mine to test the resiliency of the vpn tunnel and the mettle of overall router to see if it can "do the damn thing." We'll go "best 2 out of 3" to be fair. Should the router not be able to perform within those opportunities, then we'll give him "EPIC" bragging rights that the WRVS4400N is crapola!!! If the router does prove to be functional running .08 on his router (Hell I already know it works on mine), then...he just has to be nice about when other folks still see fit to come here and ask
    help with the unit. :)

    *DISCLAIMER* Should there be a consistent failure for tranfer between Kspare and myself, then I'll run the same test with another user who has a WRVS4400N with the same firmware loaded (.08) just to verify that it may be a hardware problem with Kspare's unit and not a functional problem of the WRVS4400N.

    Kspare, wanna give me a hand with this, eh?

    Jay
     
  22. kspare

    kspare Computer Guy Staff Member Member

    I'll try the .08 with my current config which consists of the following:

    Local Wifi
    QOS for voip back to our office
    VPN Access to our office
    Regular internet access

    on .13 I noticed the following issues from me saying this was reliable.

    1. Wifi dropped on my Lenovo T61 Laptop.
    2. I can't see wireless N for some reason.
    3. The VPN Drops, the other side is a cisco pix

    Just for arguments sakes, it's not the pix, on a WRT54GL with the cisco vpn client I can stay connected for days, or use a 871w and the tunnel never goes down.

    So i'll give it a shot, if it works, hell i'll even buy some to put at customer sites, but if it doesn't it's going to go sit as displacement in my cats litterbox.
     
  23. DocLarge

    DocLarge Super Moderator Staff Member Member

    That's the spirit, dude!!! Live a little!! :) :)

    By the way, I don't use wireless N because I really haven't had the urge to try it (again) as of yet (call me complacent....) but wireless G works great!!!!

    I'll email you my settings and we can "see what we will see."

    That part in quotes was from "Undersiege" with Stephen Seagal... Classic.... :0

    Jay
     
  24. DocLarge

    DocLarge Super Moderator Staff Member Member

    Update

    I've just uploaded a 1.6GB file to one of my ftp servers via a vpn tunnel between my cisco 871w and my linksys wrvs4400n. Here's the setup I used:

    Cable Modem: Cox High Speed Internet connected to 871w
    DSL Modem: Verizon High Speed Internet connected to wrs4400N (1.1.08 firmware)
    Tunneling Protocol: IPSEC VPN
    Transfer Method: Ipswitch FTP Pro Client (Ver. 9.0) running on 2000 Advanced Server (Full)
    FTP Server: Ipswitch FTP Server (Ver 5.05) running on 2003 Enterprise Server (Trial)
    Total Transfer Time: 2hrs 30mins

    Description: Instead of using the WAN ip address, I initiated the ftp connection "through" the vpn tunnel from the 871w side by using the private ip/local lan address of the Ipswitch FTP server (i.e., 172.16.29.xxx) and uploaded the image. The transfer rate was roughly 168KBs per second.

    Looking good so far. Kspare and I will do round two (4400n to 4400n gateway) as soon as he's loaded .08...

    Jay
     
  25. DocLarge

    DocLarge Super Moderator Staff Member Member

    Update #2

    Okay, since I haven't heard back from Kspare, I thought I'd go ahead and continue on this streak of "I told you so" with the performance of the 4400n with firmware .08. This time, I'm going to take my 871w offline and replace it with my WRV210 and form the tunnel between it and the 4400n:

    Cable Modem: Cox High Speed Internet connected to wrv210 (1.1.16 firmware)
    DSL Modem: Verizon High Speed Internet connected to wrs4400N (1.1.08 firmware)
    Tunneling Protocol: IPSEC VPN
    Transfer Method: Ipswitch FTP Pro Client (Ver. 9.0) running on 2000 Advanced Server (Full)
    FTP Server: Ipswitch FTP Server (Ver 5.05) running on 2003 Enterprise Server (Trial)
    Total Transfer Time: To Be Determined...

    Description: The same 1.6GB is going to be used in the same way the previous test was conducted. This time, I'm going to upload the file from the wrvs4400n side of the tunnel.

    I'll let you know more in the morning...

    Jay

    Edit:

    Upload has started. It's much slower via DSL, but it is going.

    Kspare, start turning your "frown upside down!!" :)
     
  26. DocLarge

    DocLarge Super Moderator Staff Member Member

    Update #3

    Here's the final take:

    98% of the 1.6GB transfer went through before the ftp client took a dump for whatever reason (I need to readjust the timeout settings).

    As of right now, the router is still up, remote management is accessible and functional, the IPSEC vpn tunnel is still in place, I'm typing this post at the same time, and for giggles, I'm streaming an audio file from the 4400n side. Oh yes, the 1.1.08 firmware appears to be "legit" in my book.

    One more time, here's the setup I used for this:

    - Linksys WRV210 (firmware 1.1.16)
    - Linksys WRVS4400N (firmware 1.1.08)

    If anyone has tunnels running between 2 WRVS4400N's with firmware 1.1.08, please post and let us know how it's going.

    Jay

    P.S.,

    for some of you WRV210 owners:

    Earlier in this thread someone stated that inadequate power from the the power supply "might" be the cause of the "whining" that some users hear with the 4400n. I can only assume I've been getting adequate power (based on this theory) which could "possibly" explain my never having heard this whining everyone speaks of (again, based on this theory).

    Following this logic, I've noticed in the last 24hrs by substituting a power supply from another Linksys device (wireless music bridge) which is rated at 1000ma, I've had solid performance out of the WRV210. When using the power brick that came with it, I've typically cussed this thing and thrown it in the closet by now. Suprisingly enough, it's whooping ass right now.

    Could there be some truth to this power supply thing??!?! Hmmmmmmmm....
     
  27. manniongeo

    manniongeo LI Guru Member

    VPN client working now, too

    I just wanted to post a follow-up on a related topic that I hadn't discussed yet on this thread: I'm now able to create VPN connections from my laptop back to both offices with the WRVS4400N routers!

    Prior to upgrading to .08, I was never able to make a VPN connection from a laptop. Vista or XP, NAT or no-NAT, QuickVPN or manual fiddling with Windows, nothing worked. At best, I'd get as far as the 'Verifying Network' message, which would hang indefinitely.

    Today, I'm away from the office for the first time since upgrading to .08 and decided to give this another try. Other than some flakiness with remote management (after clicking 'Save Settings', I've had to manually refresh every page, every time) this worked on the first try for each router. If this proves to be reliable over the next few months, I may actually start hosting my web page and email internally - which was my original goal when buying the WRVS4400N.

    There's still the Vista/NAT-T problem to contend with, which may be a showstopper, but at least things are heading in the right direction again.

    -Michael
     
  28. DocLarge

    DocLarge Super Moderator Staff Member Member

    I'll say no more about .08; it's the "heat," period! :) Now if we could just get Kspare to stop "hating" on .08 and try it *heh*

    jay
     
  29. kspare

    kspare Computer Guy Staff Member Member

    Hey guys, I haven't had a chance to even try out 08 i've just been to busy at work.

    But Jay, before you get on your high horse again, keep in mind, the whole ftp file transfer thing was never even an issue for me. So I don't see why you think it's all great and mighty because that works. Who cares? Consider the actual issues I had in the first place.
     
  30. DocLarge

    DocLarge Super Moderator Staff Member Member

    Now, now... :) My horse has never risen (nor fallen for that matter), but it does win races occasionally, more often than not :)

    It was never about the ftp; it was about the fact that I could "transfer" a sizable amount of data "through" the tunnel minus any dropouts. I've still yet to have any dropouts, whether it be transferring files via ftp or just clicking and dragging through the tunnel.

    I'll shoot you an email later because what I need to see next is if the Qos fails. What was the other problem(s) you were having?

    Oh, I just noticed the time (upper left corner) of your post; what part of Canada are you in again?

    Jay
     
  31. kurtcedric

    kurtcedric Guest

    WRVS4400N Functionality

    Given the following scenario

    SITE A->SERVER A->WRVS4400N -> INTERNET<-WRVS4400N<- SERVER B<- SITE B



    1. Exactly how stable is the WRVS4400N with FW 1.01.08 ?
    2. What is the difference between hardware V1 and V2 ?
    3. Would users still be able to browse the Internet?

    THANK YOU
     
  32. DocLarge

    DocLarge Super Moderator Staff Member Member

    1) FW 1.1.08 is (as of now) the flagship firmware version for stability; I personally will not move to anything else until a newer version proves to be as reliable

    2) V2 has functions similar to the WRV210 (i.e, wireless vlans, multiple wireless SSIDs)

    3) Yes

    Jay
     
  33. ajohnson30

    ajohnson30 Guest

    Just a side note: You do have the ability to disable direct access to the internet. I've been trialing one of these routers in a site-2-site vpn at my work, and we control who has access to the internet through our main firewall. I disabled the remote sites direct access to the internet in the firewall->internet access policy tab. It's easy enough to re-enable if I really need to allow it.
     

Share This Page