What's new

Best wireless router with fast CPU for high VPN throughput?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

DTS

Regular Contributor
Normally I would go with x86 hardware for good VPN throughput speeds because the limiting factor is usually the CPU. However, in this case, I need to go with a wireless router. So which wireless router is decent all around and also has a powerful CPU for openvpn client? (Obviously, it will need to support firmware with openvpn client -- either Merlin or dd-wrt or similar if the device doesn't come with vpn client support baked in.)

Thanks for any recommendations. Budget is under $450 roughly. I can purchased used or refurbished, if necessary to meet the budget.
 
Last edited:
GT-5300 is quite good when it comes to VPN speeds but VPN Fusion and OpenVPN settings in general are not as optimized as those Merlin’s firmware. The VPN speeds that I get with GT-5300 are comparable with that of AC86U (quite as good I would say).

With that being said, if you are looking for a cheaper router, 2 bands instead of 3 (if you have few devices), a firmware that is not buggy ([emoji36][emoji30][emoji36]) yet offers more customization options as well as options for configuration scripts (if that is of interest to you) then AC86U is a much better option. Note: There is no Merlin’s for GT-5300.


Sent from my iPhone using Tapatalk
 
GT-5300 is quite good when it comes to VPN speeds but VPN Fusion and OpenVPN settings in general are not as optimized as those Merlin’s firmware. The VPN speeds that I get with GT-5300 are comparable with that of AC86U (quite as good I would say).

With that being said, if you are looking for a cheaper router, 2 bands instead of 3 (if you have few devices), a firmware that is not buggy ([emoji36][emoji30][emoji36]) yet offers more customization options as well as options for configuration scripts (if that is of interest to you) then AC86U is a much better option. Note: There is no Merlin’s for GT-5300.

Thanks for your reply.

From the thread I linked:

"So basically, expect around 200 Mbps of throughput (I doubt the GT-AC5300's extra cores will make any real difference, OpenVPN being single threaded). That's about 4x faster than the RT-AC68U, and probably around 3x faster than the RT-AC88U/RT-AC3100/RT-AC5300."

You said, "The VPN speeds that I get with GT-5300 are comparable with that of AC86U." Is that based on your direct testing of both of these, or on something you read. If so, do you have a link?
 
It is from my own experience using same VPN providers, same servers, general router settings in stock/Merlin firmware.

Also to clarify, GT-AC5300 and RT-AC500 are two different routers. CPU capacity is different but you can get Merlin’s FW with RT-AC5300. The VPN speeds I got with RT-AC5300 were quite disappointing when compared with those of AC86U and GT-5300.


Sent from my iPhone using Tapatalk
 
There are lots of threads in the forums dedicated to the AC86U and GT-5300 one (for owners) that you may want to explore. You may also want to look at router ranking and other great reviews at the SNB homepage.

This is a great site, where people with different networking backgrounds come together to share ideas, solutions and help one another with any needs, questions or concerns.


Sent from my iPhone using Tapatalk
 
There are lots of threads in the forums dedicated to the AC86U and GT-5300 one (for owners) that you may want to explore. You may also want to look at router ranking and other great reviews at the SNB homepage.

This is a great site, where people with different networking backgrounds come together to share ideas, solutions and help one another with any needs, questions or concerns.
Thanks for those replies. Yes, this is indeed a fantastic forum.

I see I mistook the GT-AC5300 and RT-AC5300. Thanks for pointing that out. I prefer a router that has Merlin's software available (or dd-wrt, etc). The GT-AC5300 is a cool looking router and if other firmware was available I would consider it. But I don't even see dd-wrt firmware for it.
 
There is no DD-WRT firmware for GT-AC5300 but there are plenty of them for RT-AC5300-new FWs come out usually every month. You can certainly look in main DDWRT website for different FW's (under Router Database or Other sections). There is also Kong's FW which I have found quite stable to (although some people have had better experiences with those of BrainSlayer). Personally, after discovering Merlin's I chose to continue to use his FW. DDWRT installation can be tricky and you can brick your router if you don't carefully follow all installation instructions as described in DDWRT Wiki or even Peacock's thread (in the DDWRT forums) which I have found quite useful. I would strongly advise that if you choose to go the DDWRT route, you must really spend some time studying the Wiki before you attempt to flash your router.
 
There is no DD-WRT firmware for GT-AC5300 but there are plenty of them for RT-AC5300.
But the RT-AC5300 does not have good VPN performance.
Thanks for your thoughts on dd-wrt. I agree. I've been running dd-wrt on various routers for several years, although I am definitely not an expert.
 
Maybe try a Netgear R9000 (X10) running Kong's DD-WRT firmware?
 
What about the HP R120 ? Seems to be much better on paper than asus routers ...
I've seen you post about the HPE R routers in a few places now. Now sure if you're just curious or what, but to clear it up in this comparison, the R120 is just a 1Ghz MIPS box with an integrated switch, internal AC1200 wifi, and a typical a Linux-based firmware... nothing fancy. So, actually, *not* better than many Asus models "on paper", for a great many consumer use-cases.

@DTS - How has your experience been with the Asus 86U in terms of maximum throughput as a VPN server?
 
I've seen you post about the HPE R routers in a few places now. Now sure if you're just curious or what, but to clear it up in this comparison, the R120 is just a 1Ghz MIPS box with an integrated switch, internal AC1200 wifi, and a typical a Linux-based firmware... nothing fancy. So, actually, *not* better than many Asus models "on paper", for a great many consumer use-cases.

@DTS - How has your experience been with the Asus 86U in terms of maximum throughput as a VPN server?

Yeah I was curious about it, as in the official documentation it says it can do 200 mbit VPN throughput,
and 920 mbit NAT throughput which I thought was pretty good ...

It also supports VLANS and stuff Asus does not support at all .
 
Most all SoC routers can do near line-rate Gb NAT these days, typically through some form of hardware acceleration (Broadcom calls it CTF, or cut-through forwarding). As for VPN, unless it's a specific flavor that can be offload and accelerated by a specially-included encrypt/decrypt chip, most of the same types of devices must do it in-software (via CPU). MIPS is a bit better at most types of VPN-related math than ARM, so at 1Ghz, 200Mb/s doesn't sound too outlandish of a guess. It would take an ARM chip of almost double the clock speed, like the 1.8Ghz CPU in the RT-86U, to hit similar numbers. Makes me wonder why more makers don't offer MIPS chips (probably more costly and lacking in compatibility with their existing firmwares). So the R120 has a leg up there, but it's still just a different type of product, meant for largely a different type of user.
 
Ok thanks for the info!

Any product recommendations that can include an L2TP VPN server, doesn't have to have WiFi as I can use the existing router for that ...
Do Netgear routers support L2TP VPN as I can't find any info on that?
 
I don't want to derail DTS's thread too much, so perhaps you might want to make a new one with your own specific requirements. In a nutshell, it depends on how much VPN bandwidth you desire and which platforms and/or firmwares you're open to working with (OEM router firmwares, DD-WRT/Tomato, etc., Linux firewalls, EdgeMax, RouterOS, etc.). The lower your bandwidth requirements and more open you are to different platforms, the more options you'll have, obviously. For example, if all you need is 100Mb/s of VPN or less, a myriad of inegrated boxes could work, from higher-clock ARM consumer all-in-ones, to entry-level UBNT EdgeMax or Mikrotik RouterBoard models, or used/cheap x86 boxes with multi-port intel NICs running pfSense, Untangle, etc. So many options, but like I said, it just depends on what, exactly, you're looking for. I would start a separate thread, though, if you'd like to get deeper into it.
 
Normally I would go with x86 hardware for good VPN throughput speeds because the limiting factor is usually the CPU. However, in this case, I need to go with a wireless router.

x86 Router with a decent CPU that supports AES-NI, and a separate AP...

I've got a little x86 box running C2358 running a FreeBSD variant (pfSense), and a couple of Airports repurposed as AP's - everything is fine...

For VPN, I run L2TP over IPSec - not OpenVPN, but I only do inbound VPN to support my network access when I'm travelling.

OpenVPN is always going to be a box of rocks performance wise - it's strength (portability) is it's weakness (userland and as such, single threaded) - nothing against OpenVPN, it's an architecture thing - keep in mind that the only desktop OS that supports OpenVPN is ChromeOS

If one wants to geo-unlock content- which is most folks here on snbforums, seems like, always consider a tunnel - Hurricane Electric is mighty useful for IPv6 tunnels over IPv4, and they have a fair number of exit points.
 
keep in mind that the only desktop OS that supports OpenVPN is ChromeOS

Huh? Linux and Windows are not consider to be desktop OS?
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top