Passing data over the internet securely

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

Lithium381

Lifer
May 12, 2001
12,452
2
0
if it were only two sites you could use the free vx-x from silverpeak, it's a virtual appliance web accelerator that goes up to 4mb lan = about 10mbps LAN traffic and encrypts everything with aes128!

iT SOUNDS like point to point vpn tunnels are going to be best for you. Spend $120 and get some used cisco hardware off of ebay for three pix devices or netscreens. They're pretty simple to setup. I've done many VPN's for clients, it's pretty straight forward.
 

frowertr

Golden Member
Apr 17, 2010
1,372
41
91
iT SOUNDS like point to point vpn tunnels are going to be best for you. Spend $120 and get some used cisco hardware off of ebay for three pix devices or netscreens. They're pretty simple to setup. I've done many VPN's for clients, it's pretty straight forward.


Agreed if you aren't willing to use third party services (Himachi etc...) I use the Cisco RV042G in my small business. It can do gateway-to-gateway or client-to-gateway VPN. It has a nice gui and can support 50 VPN tunnels via IPSec. You can also use the Cisco QuickVPN software with it to take some of the hassel out of setting up a VPN (although the QuickVPN has its own issues at times).


Review here: http://www.smallnetbuilder.com/lanwan/lanwan-reviews/31826-cisco-rv042g-dual-gigabit-wan-vpn-router-reviewed


You will still some basic networking knowledge to get it up and running. User manual for RV042G here.
 

iamgenius

Senior member
Jun 6, 2008
815
98
91
Agreed if you aren't willing to use third party services (Himachi etc...) I use the Cisco RV042G in my small business. It can do gateway-to-gateway or client-to-gateway VPN. It has a nice gui and can support 50 VPN tunnels via IPSec. You can also use the Cisco QuickVPN software with it to take some of the hassel out of setting up a VPN (although the QuickVPN has its own issues at times).


Review here: http://www.smallnetbuilder.com/lanwan/lanwan-reviews/31826-cisco-rv042g-dual-gigabit-wan-vpn-router-reviewed


You will still some basic networking knowledge to get it up and running. User manual for RV042G here.

Looks like it is worth a try. I'll give it a shot and see. Thanks to everybody.
 

Lithium381

Lifer
May 12, 2001
12,452
2
0
Just so you know, if you decide to go the rv042g route, it only supports DES and 3DES encryption. . . not AES.

Depending on the sensitivity of your data, i would consider running at least AES128 . . . DES has demonstrated weaknesses, and 3DES is simply DES 3 times over . . . BUT because of some implementations there is a weakness in that it uses the same key for the 1st and 3rd runs of the algorithm, rendering it as a total of 112 bit encryption, NOT 168 as you might think . . currently I believe it's still used by the government, but it's slated to be deprecated soon in favor of AES.

keep that in mind.
 

beginner99

Diamond Member
Jun 2, 2009
5,315
1,760
136
Last edited:

frowertr

Golden Member
Apr 17, 2010
1,372
41
91
Just so you know, if you decide to go the rv042g route, it only supports DES and 3DES encryption. . . not AES.

This is technically correct and incorrect. If you use the Cisco QuickVPN client to tunnel in, then that tunnel will only use 3DES (or maybe even regular DES I can't remember) encryption. However, you can configure your own IPSec tunnel (individual or group) to use AES-256 encryption, Sha1 Authentication, and Group 5 Diffie-Hellman exhange protocol and then use a 3rd party VPN client like GreenBow. That essentially makes it good enough Top Secret work.

I will say that I don't know if this router can pass an IPSec tunnel out of the remote LAN. In other words, I am not so sure this will be the router for you if you are wanting to tunnel into the LAN and then back out onto the internet. I have never tried that.

Edit: After some quick testing, I haven't been able to tunnel out to the internet so this router may not be able to do that which is a shame. I'm guessing because it isn't a $500+ Cisco router.
 
Last edited: