1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Which router for OpenVPN client?

Discussion in 'Routers' started by zsero, May 27, 2013.

  1. zsero

    zsero Occasional Visitor

    Joined:
    Jun 18, 2008
    Messages:
    41
    I am confused about which would be the best router for an OpenVPN client. I would like to make a single OpenVPN UDP connection to a VPN service and thus secure all my home network. I'm looking for a router for exactly this purpose.

    Here are a couple of ideas I've come across:
    1. TP-Link 1043ND + Gargoyle (£35)
    2. Ubiquite EdgeMax Lite + couple of days of freetime (£100)
    3. Belkin N300/N600 Max super cheap from eBay + Toastman TomatoUSB (£12/£22)
    + any ideas?

    I have two questions in mind:
    1. Which is the better solution for handling OpenVPN traffic for 3-4 clients, OpenWRT (Gargoyle) or TomatoUSB?
    2. Which one do you recommend, which one would you buy? The N300 is so super cheap that it seems to be a super deal, but I don't know how reliable TomatoUSB is for OpenVPN. The N600 Max is an other super crazy deal, found on eBay UK in dozens of open box / refurbished listings.

    Wireless part is not important, it's nice to have, but not a deal-breaker.
     
    Last edited: May 27, 2013
  2. CaptainSTX

    CaptainSTX Very Senior Member

    Joined:
    May 2, 2012
    Messages:
    1,833
    Cheap not necessarily compatible with VPN

    If I understand what you want is to subscribe to a VPN service so all your Internet traffic routed through your router is protected using a VPN then you need to purchase a router with the highest speed processor you can find and the maximum amount of RAM.

    The processing overhead of running a VPN and encrypting all your traffic even with the best SOHO stand alone router will probably cut your download speeds by 35%.

    As an example I have an over clocked Linksys 54G running DD-WRT on 16Mb of RAM. Using my 20 Mbps Internet connection I am lucky to get 4 Mbps downloads when running a PPTP VPN.

    If I use my Linksys E3000 with a faster processor and 64 Mb of memory which is tethered to Sabai Technology's VPN accelerator with 2 Gigs of memory I can get consistent download speeds of 18 - 20 Mbps connected to a VPN server 1,100 miles distant. The Linksys E3000 is only functioning as a OpenVPN AP behind my ASUS N66U router.

    Another option is to purchase software to run on a PC to make it function as a router. Even a PC that is a few years old has a faster processor and more RAM than the latest and greatest SOHO router.

    If speed is equally as important as security then spend the money for the most powerful router you can find.

    Also be sure that you can install and run an OpenVPN client on what ever router you purchase if security is what you are after. PPTP offers very little security and its best use is to get around geo blocking where it makes no difference if someone could decrypt a video stream.
     
  3. monakh

    monakh Occasional Visitor

    Joined:
    Feb 17, 2012
    Messages:
    21
    Location:
    Lahore | Manama | Washington
    I have run an OpenVPN server for many years and have gone through a myriad of routers with open source software for this purpose alone. My current router is the Asus N66 running Tomato/shibby firmware. Waiting for the AC68 before upgrading to the next generation.

    Having said that, a good OpenVPN implementation will not have a 35% overhead. In my experience and testing (I am an American working in the Middle East) with Netflix, Hulu etc., the loss is never more than 20%. There is no better VPN implementation around and several ISPs (such as Strong VPN) allow you to connect your router directly by supplying you with the necessary certificate and config files.

    To respond to the OP, I prefer Tomato over dd-wrt for OpenVPN. In fact, my router selections are centered on VPN connectivity and Tomato compatibility. Any new-ish Buffalo with native dd-wrt or Asus (which runs Tomato like a champ) should be okay.

    Hope this helps.

    Edit: I did want to mention that I consistently get >4 Mbps speeds over a 5 Mbps DSL connection.

    Sent from my HTC One using Tapatalk 2
     
    Last edited: May 31, 2013
  4. CaptainSTX

    CaptainSTX Very Senior Member

    Joined:
    May 2, 2012
    Messages:
    1,833
    Vpn

    When you are looking to connect to a VPN server many hundreds of miles distant it helps to understand the impact of all the variables that will reduce your speeds.

    1. First run speed tests to a speed test server as near your actual location as possible without using VPN. This is your baseline.

    2. Repeat the test to a server in the country/ city where your VPN server will be located. If you want to stream Netflix to Hong Kong you would probably test to San Francisco. This will give you the reduction due to longer distance with more hops.

    3. Now test running using an OpenVPN client on a PC and connect to a server in whatever city you are going to stream from and then run a speedtest to that city. This will be the best case if you have a fast/powerful setup.

    4. Finally start the VPN on your router and repeat the tests in step 3. This will give you an idea of what the room for improvement is if any.

    Equipment does matter. When I connect to a speedtest server 1,100 distant I normally get a download speed of 20Mbps. If I run a VPN on a Linksys 54G I am lucky to get 4 -5 Mbps. Using my E3000 with an attached VPN accelerator I normally get 19+ Mbps. Most of the time I can't do any better even if I run the VPN on my laptop.
     
  5. monakh

    monakh Occasional Visitor

    Joined:
    Feb 17, 2012
    Messages:
    21
    Location:
    Lahore | Manama | Washington
    Well, I don't know the primary reason the OP wants to secure his VPN but I do it primarily for Netflix and Hulu so my baseline is the Arabian Peninsula to NYC. That's a good few thousand miles around the world as the Speedtest servers I use are all in NY.

    It's a testimony to how robust OpenVPN is, that I can run Netflix HD with no issues. The ping times aren't bad either at 220ms (not that it matters for streaming). Where they do matter are my VoIP calls via SIP and Skype Video that I route over the same link. No one has ever complained about latency :)

    Yes, equipment definitely matters. Like I said earlier, any mid to high-end router supporting the OpenVPN client would do, but the underlying assumption is that a stable and fast Internet connection is in the offing.

    Sent from my HTC One using Tapatalk 2