Do I need 2 Routers?

Discussion in 'Networking Issues' started by srae1, Aug 18, 2005.

  1. srae1

    srae1 Network Guru Member

    I have a wrt54gs as my main router now. But it is in a closet and I have poor range, so I want to move it. I will need to replace itr with a new router since this is where my DSL modem and the networking switch box is. I want to move the wireless to a open spot like a WAP, and replace it with a new router. However I need to access the network from a moving remote location due to my traveling. I was wondering which router with VPN would work best and can I use only one router or do I need hardware with my laptop. I was thinking about greenbow client software, not sure if I can use linksys software (quickVPN?). any way I only need 1 to 2 tunnels ever that I can imagine. I was looking at the rv042, the BEFSX41, the BEFVP41, and the RV0041.
    I am unclear after all the reading if I need 2 or can I get one and use client software for the traveling laptop. also which is better stability wise. Linksys with quickVPN, or with 3rd party client software?
    Also, I saw the wrv54g and was wondering about using it and using the wrt54gs as a WAP, but have had two sets like that before and had trouble with 2 wireless routers working together even with the router functions disabled.
    Any opinions would be helpful, I don't need more equipment that doesn't work to be stored in my closet, or to by the wrong equipment. I just need to be able to access ny server without the expense of a dedicated IP address.
  2. 4Access

    4Access Network Guru Member

    Why not simply place your WRT in a better location and then run a cable back to the modem in your closet? Do you really need more hardware?

    I can't make a recommendation about the routers you mention because I've never used them but do you really need a VPN capable router? When you say you need to access your server remotely what do you want to do with it? Control it remotely, have access to its files remotely or both?

    Depending on what you really want to accomplish, one or more of the following might allow you to do it without a VPN router:

    Remote Desktop (Only available on Windows XP Pro & Server 2003. If you have a Windows 2000 Server it's called "Terminal Services")

    Just to name a few.

    Good luck.
  3. srae1

    srae1 Network Guru Member

    well I really need to access the server fom a distance when I travel. So I could be hundreds to thousands of miles away. I thought this VPN setup would be more secure, qucker, and cheaper than go to my pc.
    As for moving the router it is really not that simple due to thge architecture I am dealing with in the building. It probable is easier to have a new router and make the old wireless into an WAP.
  4. 4Access

    4Access Network Guru Member

    It doesn't matter if you're using your neighbor's internet connection next door, or are in a hotel on the other side of the world. It all works the same.

    Quicker in what sense? To setup or to use? Obviously not cheaper since you can do all the methods I suggested with simply a WRT and don't require the more expensive VPN hardware you're looking at. As for security that depends a lot on how you implement it. I'll admit that I am now aware of a MITM vulnerability with Remote Desktop so if you're really security concious you might want to tunnel it through something else that can use public key encryption like Zebedee, or ssh, or even something like Hamachi which I mentioned earlier.

    So I take it you plan to connect the two routers together using WDS or Client Mode then...? (Otherwise you have the run the cable anyway...)
  5. srae1

    srae1 Network Guru Member

    I am accessing medical records so security is an issue.
    I was looking into the ssh but wasn't sure if it would work with my current router. I guess I will look at that closer since no new equipment certainly works into my price range.
    My current set up from DSL modem to WRT54gs router then to hubs and switches (all in the same closet).
    Don't I have to go from the DSL to the router then to the network. OR does it matter where on the network the router is?
    Can I go from the DSL to the hub connecting the router in a different room. Wouldn't I need two connections in that room?
    incoming from the DSL modem to the internet on the router then from the router to the network from one of its four ports.
    That is my understanding. So then I thought that is how the router is connected to the network. Unless I am missing something.
    But Networking is still new to me, and the VPN I thought was the only way for me to access the network over the internet. If SSH is secure, stable and cheaper, it could be the way for me to go.
    Is there software for that that works best with linksys, or is it hard to set up?
    And am I correct about the placement of the router?
    Thanks for your help, this is looking much better.
  6. srae1

    srae1 Network Guru Member

    Of course I remember now I looked at SSH briefly and Linksys firmware did not support it. I guess I can look at changing the firmware. If it is not too complicated.
  7. 4Access

    4Access Network Guru Member

    You're right about the router placement/cables needed. For some reason I was thinking you only had wireless clients connecting to the router. You could place the router in a central location but then you would need to run one cable back to the DSL modem and another one back to your switch like you suspected. It's an option but it sounds like buying another router would probably the easiest solution.

    Regarding the SSH issue... the stock Linksys firmware doesn't have SSH builtin but custom firmware such as DD-WRT does. Additionally you could run ssh on your server as mentioned earlier (link) and simply forward the necessary ports which works fine with the stock Linksys firmware.

    Another option not previously mentioned is having your server be the VPN endpoint, either using the builtin MS VPN capabilities or by installing 3rd party VPN server software. Note that if you go this route you might have to install custom firmware on your router so you can create firewall rules that will pass the VPN traffic.

    Lastly certain firmware such as DD-WRT include VPN features. (Only PPTP is builtin but there are IPSec and SSL VPN packages available although they are going to require a little more Linux knowledge to configure.)
  8. pupkind

    pupkind Network Guru Member

    I was not able to find ANY description of Zeebeedee security protocol, which sort of puts it on the same level with much-hyped, yet hopelessly amateurish Waste, CIPE and others. Things like encryption and key lengths are intagible, so verbose description of security is a must for any serious VPN product.

    Hamachi looks pretty promising, perhaps it is a next big thing in VPNs .. if it survives :)
  9. 4Access

    4Access Network Guru Member

    I agree that a detailed protocol spec would be nice but calling a project "hopelessly amateurish" simply do to lack of documentation on the home page is ridiculous. From the manual Zebedee is based on Blowfish encryption and the Diffie-Hellman key agreement protocol, both well documented elsewhere. As for the actual implementation try searching the mailing list for authentication for some notes from the author. If that isn't enough (or if you don't trust the author's implementation) remember the project is open source and you can always check the code for yourself and let us know what you find.
  10. pupkind

    pupkind Network Guru Member

    Ugh, I phrased it badly. "Amateurish" comment was in reference to Waste only, which is just that - an exercise in cryptography by people who had zero clue as to what they were doing. Putting more bits in a key does not compensate for gaping holes in its key exchange and message encryption design.

    I don't have an opinion about Zeebeedee. Perhaps it's secure and well-designed, I just wish they would've properly documented their design. That's all :)
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice