Wireless Router with L2TP Server?

[escape75]

Just wondering if there's a good wireless router with L2TP server built in?

I know Asus has OpenVPN and PPTP, but no L2TP and as far as I know L2TP is not
any less secure than let's say OpenVPN, and of course PPTP should be avoided ...

Right now I'm using and RT-AC1900P which has pretty good wireless, but wouldn't mind
having better wireless range if possible at all possibly using a 4x4 for both 2.4 and 5 ghz.

I have tried a Synology RT2600AC and wasn't impressed with the wireless on it,- bit worse
that my current Asus, and there was also other bugs that I was running into here and there.

I'm pretty sure D-Link routers have L2TP built-in but how good are they really ?
I'm leaning towards something with a Broadcom wifi chip as they seem pretty good ...
Maybe something with dual BCM4366E chips, but also with L2TP support

Asus seems to update firmware quite often which is nice, possible since it's buggy? lol
Some of the other manufacturers don't seem to be updating at all (D-Link?) which is bad ...

Any advice would be appreciated!

 

[psychopomp1]

as far as I know L2TP is not
any less secure than let's say OpenVPN

That's incorrect. OpenVPN protocol has far better encryption that L2TP. I suspect you were referring to L2TP with IPSec which is better than L2TP but still nowhere near as secure as OpenVPN. TBH I would just use the OpenVPN server on the Asus router.

Asus seems to update firmware quite often which is nice, possible since it's buggy? lol
Some of the other manufacturers don't seem to be updating at all (D-Link?) which is bad ...

Well logic would suggest router manufacturers only need to release firmware updates to fix bugs and/or to release new router features. Firmware updates aren't released just for the sake of it. My Linksys EA9500v2 hasn't had any firmware updates since March 2018, does that mean it is "bad"? Far from it, my router runs rock solid. Now compare this to the Asus GT-AC5300 (same hardware as Linksys EA9500v2) which has had about a trillion firmware updates yet is still buggy as hell....

 

[escape75]

Whether the EA9500 is bug and exploit free is debatable ...

Asus releases updates not only to patch exploits but also to add new features, AiMesh, etc., and there seems to be quite a few people switching away from high end Linksys products because of no updates.

We can only guess the EA9500 has fixes for Krack since Linksys doesn’t even confirm that anywhere oficially, but maybe Linksys is not the same after they have been sold to Belkin?

In any case, getting back to topic, I was referring to L2TP over Ipsec as it’s widely supported in windows (7+) and IOS ...

I have just purchased the Asus Blue Cave and playing around with it, seems like the 2.4 and 5 ghz work very well so I think I will move it upstairs and put it in access point mode (since I have a wire run upstairs) and that will make my wireless coverage good, and I will only be missing a good vpn router for downstairs which will not need wireless.

Any recommendations? Maybe an edgerouter?

I would prefer something with 4 or more switch ports and and easy GUI, which I know the edgerouter doesn’t really have as far as administering L2TP servers ...

 

[sfx2000]

That's incorrect. OpenVPN protocol has far better encryption that L2TP. I suspect you were referring to L2TP with IPSec which is better than L2TP but still nowhere near as secure as OpenVPN.

L2TP is fine - and more efficient that OpenVPN... they're both secure, and L2TP includes IPSec.

Notable that both Windows and Mac/IOS support L2TP out of the box without downloading a third party client.

Just note that before you get into this vs. that - I've done the hard work as a developer for Router/AP's, Carrier Grade Networks, and most recently with Enterprise level SDWAN and Routing/Switching there...

 

[escape75]

Sounds good,- so keeping in my that I will move my "blue cave" to be access point only,
what would you recommend for a not too expensive ($150) router that has l2tp/ipsec ?

I know D-link routers have that functionality but I don't need wireless, so possibly a ubiquity edge router?