Are low-end business routers/firewalls any good?

Perc

Very Odd Looking Vehicular Object
Joined
Mar 31, 2008
Messages
6,772
Location
Finland
Car(s)
Passat Alltrack
I've been looking at low-end business firewalls like the ZyXEL ZyWALL USG 20. It supports "up to 175Mbps", altough it doesn't say anything about the number of connections, and costs around 200 euros with finnish VAT. Not too bad, if it works.

This would be for my one-person household, routing a 100/5 cable connection. Right now, my cable modem acts as the router and every once in a while when something's uploading (like a dropbox sync) everything else literally grinds to a halt. I'm not talking the usual slowdown you get with assymetrical connections. I mean I can't open a new connection to anything else. Powercycle the modem and it's fine-ish for a week or two again.

I could always nag my ISP to give me a new modem, but I was on the phone with them already and the support person didn't seem to have a clue what was wrong. My other option would be to just put it in bridge mode and put a proper business-grade router behind it. I'm not really liking the idea of buying yet another consumer-grade plastic box with bright blue leds, but I'm not sure if the business stuff is any better just because the devices are uglier and pricier.

Or should I just buy yet another ~100 euro consumer box and call it a day?
 
Care to elaborate on that? :)
 
No. Get consumer stuff.

QFT

Go grab a gigabit ASUS router and call it a day. If you plan on getting an AC devices any time soon (i.e. MacBook), then get one with AC.

http://www.asus.com/us/Networking/Wireless_Routers_Products/

I have the RT-AC66U which has seen been replaced by better models but it is an excellent router.

It supports "up to 175Mbps"

That is some horrendously slow WiFi. Mine will theoretically do up to 1.75Gbps (10x as fast). This is the best I've seen though in the real world (yes, a wired gigabit connection would be slower!):

I6GNqPv.png
 
Last edited:
QFT

Go grab a gigabit ASUS router and call it a day. If you plan on getting an AC devices any time soon (i.e. MacBook), then get one with AC.

http://www.asus.com/us/Networking/Wireless_Routers_Products/

I have the RT-AC66U which has seen been replaced by better models but it is an excellent router.



That is some horrendously slow WiFi. Mine will theoretically do up to 1.75Gbps (10x as fast). This is the best I've seen though in the real world (yes, a wired gigabit connection would be slower!):

I6GNqPv.png
Well not really, by nature wireless connection is half duplex so you are actually getting 650Mbps, that's before we get into packet drops and so on that are bound to occur when you are dealing with a radio transmission.

As far as actual hardware goes I'm impartial to the Apple line of routers mainly because I've had mine for years now (11n obviously) with no issues but they are somewhat more limited in what you can do with them, for example no custom firmware.
 
That is some horrendously slow WiFi. Mine will theoretically do up to 1.75Gbps (10x as fast).]

I never said anything about WiFi. :p It's a wired device, that's the LAN-WAN throughput.
 
Care to elaborate on that? :)

I wondered the same what you did some 8 years ago, and decided to get a low-end office grade Linksys. It was horrible. It had 'VLANs', which meant that you could put different ports in different VLANs, but didn't offer any form of routing between those. It overheated like nothing else, it had trouble routing more than 50Mbit/s, and the wifi coverage was just utterly horrible. Sold it for about 75% of what I paid for it, spent less than the money I got for it on a Netgear RangeMax and never looked back.
Bottom line is, they're not better or worse than consumer-grade stuff, and most lack features that us consumers really like, such as QoS, UPNP, etc.
 
I've been looking at low-end business firewalls like the ZyXEL ZyWALL USG 20. It supports "up to 175Mbps", altough it doesn't say anything about the number of connections, and costs around 200 euros with finnish VAT. Not too bad, if it works.

This would be for my one-person household, routing a 100/5 cable connection. Right now, my cable modem acts as the router and every once in a while when something's uploading (like a dropbox sync) everything else literally grinds to a halt. I'm not talking the usual slowdown you get with assymetrical connections. I mean I can't open a new connection to anything else. Powercycle the modem and it's fine-ish for a week or two again.

I could always nag my ISP to give me a new modem, but I was on the phone with them already and the support person didn't seem to have a clue what was wrong. My other option would be to just put it in bridge mode and put a proper business-grade router behind it. I'm not really liking the idea of buying yet another consumer-grade plastic box with bright blue leds, but I'm not sure if the business stuff is any better just because the devices are uglier and pricier.

Or should I just buy yet another ~100 euro consumer box and call it a day?

pretty much guarantee that if you just use your existing cable modem in bridge mode and get a router you'll solve 95% of your issues. I've got a hunk of shit my ISP gave me that overheats and restarts itself all the time if you try and use it as a router but in bridge mode to a airport extreme it hasn't gone down in about 12 months
 
I would be looking at Airport Extremes but my friend can't talk about his without swearing. :p

Guess I'll try to revive my WNDR3700 with DD-WRT. I didn't have any luck with the stock firmware, it keeps disconnecting my SSH sessions.
 
pretty much guarantee that if you just use your existing cable modem in bridge mode and get a router you'll solve 95% of your issues. I've got a hunk of shit my ISP gave me that overheats and restarts itself all the time if you try and use it as a router but in bridge mode to a airport extreme it hasn't gone down in about 12 months

Yeah, my modem/router is set to DMZ mode to forward all connections onto my real router. Works great.

- - - Updated - - -

I never said anything about WiFi. :p It's a wired device, that's the LAN-WAN throughput.

Yuck! Why so slow? :eek:
 
Yeah, my modem/router is set to DMZ mode to forward all connections onto my real router. Works great.

- - - Updated - - -



Yuck! Why so slow? :eek:

I only have 100 down, so 175 would be more than enough I think.

I managed to enable bridging on the modem, even though my ISP disabled the tab in the UI. Not too hard to get around once you manage to find the instructions on google. The main problem is that 95% of Fritzbox users seem to be Germans. :lol:

I spent most of tonight fucking around with dd-wrt on my WNDR3700, bricked it, unbricked it and bricked it again and now it seems to work. I don't really need any other features from it except for upstream bandwidth management (QoS), which is largely worthless on the stock firmware.

Shame, I had been looking forward to having to buy a new router :p
 
Last edited:
I only have 100 down, so 175 would be more than enough I think.

I only have 35/35mbit but I still like to quickly transfer files between my computers as well as my NASes. Gigabit is handy for that.
 
I only have 35/35mbit but I still like to quickly transfer files between my computers as well as my NASes. Gigabit is handy for that.

I said LAN to WAN throughput. The LAN switch is all gigabit, of course.
 
Yeah, my modem/router is set to DMZ mode to forward all connections onto my real router. Works great.

I totally missed this before.

So DMZ doesn't mess with port forwards and the like? It's essentially double NAT even if the connections are forwarded.
 
I totally missed this before.

So DMZ doesn't mess with port forwards and the like? It's essentially double NAT even if the connections are forwarded.


you shouldn't need to do a DMZ mode if you're combo device actually has a bridge mode already - just plug your WAN port from your actual router into any of the switch ports. You're not double natting because the connection is actually being terminated at your router
 
you shouldn't need to do a DMZ mode if you're combo device actually has a bridge mode already - just plug your WAN port from your actual router into any of the switch ports. You're not double natting because the connection is actually being terminated at your router

I realize that. I also realize that the bridge mode I enabled is a kluge that might stop working when my ISP pushes an update to the cable modem. It involves changing a word in one of the URLs in the UI for the WAN settings to get to a hidden tab.

I'll talk to my ISP at some point to see if they have any options available for me. They used to have a basic 1-port Cisco bridge you could get for free before, but I paid a bit extra for the modem with all the bells and whistles hoping it would serve my needs. I also wanted to have a few devices as possible next to the TV.
 
Last edited:
I realize that. I also realize that the bridge mode I enabled is a kluge that might stop working when my ISP pushes an update to the cable modem. It involves changing a word in one of the URLs in the UI for the WAN settings to get to a hidden tab.

I'll talk to my ISP at some point to see if they have any options available for me. They used to have a basic 1-port Cisco bridge you could get for free before, but I paid a bit extra for the modem with all the bells and whistles hoping it would serve my needs. I also wanted to have a few devices as possible next to the TV.
Can't you buy your own modem? A friend of mine did just that solved 99% of his connection issues.
 
Top