Original Link: http://www.anandtech.com/show/1440
Gigabyte 802.11g VPN Wireless Routerby Brian Ng on August 21, 2004 12:05 AM EST
- Posted in
IntroductionToday, we will be taking a look at the Gigabyte 802.11g VPN Wireless Router (GN-BR404W). The Gigabyte GN-BR404W is targeted at users and small businesses, incorporating all the essential networking functions into one package. The GN-BR404W includes a wireless 802.11g compliant access point (AP), which lets users connect wireless 802.11b/g devices to the network while the router function lets your whole network share a high-speed cable or DSL Internet connection. And finally, the Virtual Private Network (VPN) function allows remote users to connect to your home or office network securely via the Internet.
- 802.11g VPN Wireless Router
- Advanced Smart Setup Support
- Advanced Network Management Support
- Advanced Wireless Security Support
- DNS Replay and Dynamic DNS Support
- User define Static Routing Support
- Advanced Firewall and Parental Control Support
- Advanced Log Management Support
- Advanced Web Management Support
- Extended Distributed Wireless Systems (EDWS) Support
- Support 802.1X, WPA, WPA-PSK authentication
- Support up to 152 Bits WEP key
- Optional of plug in IEEE 802.11a/b/g wireless card (Atheros)
- UPnP and MSN Messenger Supports
- IPSec VPN tunnel to gateway & host support
- IPSec, L2TP, PPTP NAT traversal (VPN-Pass Through)
- PPPoE Multi-Session Support
- High throughput up to 89.5 Mbps (FTP)
- IEEE 802.3 (10BaseT), IEEE 802.3u (100BaseTX), IEEE 802.11b/g (Wireless)
Network Operation System
- Wireless - Open space: 100 - 300m; Indoor: 30 - 100m
Packaging and DesignThe GN-BR404W comes packaged with the router itself, AC power adapter, user guide, a cross-over and straight-through CAT5 Ethernet cable, and cradle that doubles as a wall mount.
The design of the BR404W is simple and for the most part, user friendly. Yellow LEDs correspond to each of the four LAN ports, WAN, wireless WAN, and power. It would have been nice if there were different colored LEDs to correspond to connection speeds and the yellow LEDs be a little brighter. There is no power button to power cycle the router to prevent accidental power cycling of the router. A pin hole button is available to set the router to factory defaults.
One downside to standing up the router is the layout of the Ethernet ports. We had the router tip over on several occasions when the LAN ports were connected. The design of the router differs from some of the other VPN routers in that there is no antenna. This seems especially odd since the GN-BR404W and GN-B49G have exactly the same physical housing. Looking at the picture below, you can even see the circular molding where the antenna would go.
However, looking at the router carefully reveals a tab that one can slide off. After doing this, we see why there was no antenna in the router. The router uses Gigabyte's own GN-WMAG wireless LAN card for its wireless communications.
Here is a closer look at the wireless card itself.
"Smart Setup"Setting up the BR404W for a wired connection was simple and straight forward. One feature that Gigabyte touts and actually works quite well is the "Smart Setup". Connect an Ethernet cable to one of the router's LAN ports and enter the IP address of 192.168.1.254 in a web browser. Enter the default user name and password, and the router will attempt to detect the type on network you are on automatically. If the router's WAN port is connected to a DHCP enabled network, a message box stating that this is displayed will automatically configured itself to DynamicIPAddress Mode. After an automatic reboot, the WAN configuration is complete. The downside to this is when the router is to be configured for a static IP while on a DHCP enabled network. A forced DHCP configuration and reboot is required before you can configure the IP manually.
When connected to a PPOE network, a login screen for your username and password will be presented. Lastly, if the router does not detect any of the aforementioned networks, it will default to manual IP configuration. A static IP configuration screen is presented to enter the networking information.
Advanced SetupConfiguring the BR404W for wireless connectivity was simple as well. If you have an 802.11b/g capable card, the default settings are enough to get you started. The standard wireless configuration options are all present in the BR404W.
In addition to the basic open and share WEP key authentication types, the BR404W also supports WPA, WPA Pre-shared key, and 802.1x. For those who want to replace all their wired connections with wireless, the BR404W also supports WDS.
There are default two wireless options that should be changed from the defaults: SSID and the authentication type. Changing the SSID to some random alphanumeric string and enabling 128 bit WEP should keep the casual wireless user from detecting and hacking the network. If additional security is required, limit communication to the AP by enabling MAC address access control.
The BR404W also has additional features for those who need special configurations. The following options available are Routing Table, Virtual Server, Firewall Rule, DNS Configuration, URL Blocking, and VPN Configuration. We'll briefly touch upon some of the options and sub-options available.
The Routing Table option allows for the configuration of RIP (routing information protocol). RIP is a dynamic protocol that will automatically discover routing tables. However, under certain situations, some of the subnet does not go through the default gateway and manual routes are needed. Up to four manual routes can be added.
The Virtual Server option allows for a creation of a DMZ (demilitarized zone) if certain applications or games fail to run properly behind the router. The PPoE/DHCP/Static Type allows for the creation of virtual servers. The virtual servers allow a PC connecting from the WAN end to connect to the internal LAN's services such as FTP.
The Firewall Rule's Security Configuration page contains a list of check boxes to enable certain firewall settings easily such as stealth mode, computer access detection, and remote file sharing. For additional fine tuning, the BR404W supports up to 64 static firewall rules, with rule 1 having the highest priority and rule 64 having the lowest.
DNS replay, dynamic DNS, and URL blocking round out the advanced features of the BR404W. The VPN capabilities will be covered in a later section.
Administration and ManagementLike many of the SOHO routers and APs in the market, the BR404W has a web-based administration. For a quick glimpse of the state of the BR404W, there is a status button that will show the general networking information along with links to seven other networking status.
The other management tools available are all mostly what you will find in other consumer broadband routers. The PPP Monitor displays the WAN connection status and allows for the disconnection and reconnection to an ISP. The Reboot, Initialization, and Change Password options are self-explanatory.
The Change WAN MAC is an interesting option that allows for the assignment of a MAC ID. This is useful if a specific MAC ID is required for the router to connect to either a corporate network or an ISP. In case the BR404W is moved to a different environment that does not require a specific MAC ID, the ability to restore the default MAC ID is available.
The Upgrade Firmware allows for the upgrade of the BR404W to the latest firmware provided by Gigabyte. The upgrade process is simple. Just download the file from Gigabyte's website to a PC. Then click the Browse button from the Upgrade Firmware page to the file location and click on the upgrade button.
The Backup Restore option is a nice feature that allows for the backup and restoration of the configuration settings of the BR404W. While configuring the basic setup of the router is easy, re-entering numerous firewall rules, routing tables, and restricted URLs can be a chore. The option of restoring the configuration, if the router had to be reinitialized or to undo a mistake somewhere in the firewall configuration, is very convenient.
The Log Information displays the records of the firewall, WAN connection, and UPnP log. Save Maintenance provides a way to save the log and status information for use with Gigabyte's tech support. A web-based PING utility rounds out the management features of the BR404W.
The Help option loads a HTML condensed version of the manual. For the most part, the paper and HTML documentation does a decent job of instructing a user on configuring the BR404W. However, certain parts of the manual need some grammar correction. In addition, more information on the configuration and the configuration's options are needed in certain sections, especially the VPN section.
Overall, the navigation and configuration of the BR404W via the web page are quick and easy. Most of the options require a reboot, but Windows users should be used to that. There are two minor annoyances that hopefully will be fixed in the next version of the web administration. One is the Setup Wizard button on the main administration page. Clicking on the button will start the Smart Setup process automatically without a confirmation prompt.
The second annoyance is the Smart Setup process itself. As mentioned earlier, if the BR404W was configured for static IP, but on a DHCP enable network, it will configure itself for DHCP. There are a couple of problems with this; the first being all configuration settings are lost. Additionally, the IP that the BR404W dynamically selects can be different each time. This truly becomes annoying when the router is in a remote site and you are trying to find the IP that the router is using.
Network PerformanceThe BR404W is one of the many new wireless routers that offer "turbo" modes of 802.11g. Looking at the documentation carefully reveals that the much touted 89.5 Mbps throughput is only at WAN-LAN connections. For our wireless connections benchmarking, we used SiSoftware's SANDRA.
The two test machines used are configured as follows:
|OS:||Windows XP SP1 and all patches applied|
|Wireless NIC:||Linksys WMP54G with Broadcom BCM94306 chipset machine 1 NetGear WG311 with Atheros AR5212 chipset on machine 2|
|NIC:||Onboard Intel 10/1000*|
Five performance tests were conducted on the BR404W. The first test was an open WIFI system connecting to a wired LAN client. The second test was a WIFI client configured with 64 bit WEP enabled and a wired LAN client. The third test was a WIFI client configured for WPA Pre-shared key and a wired LAN client. The fourth test was between two WIFI clients, both with 64 bit WEP enabled. Lastly, two wired LAN clients were tested. All tests were conducted with the wireless clients within six feet of the AP router. The wired clients were connected with 25 CAT5 Ethernet cable on an Allied Telesyn 10/100 switch.
The results are as follows:
|Test 1 (Open WIFI to wired LAN client)||2524 KB/s|
|Test 2 (WIFI w/64 bit WEP to wired LAN client)||2162 KB/s|
|Test 3 (WIFI w/WPA to wired LAN client)||1658 KB/s|
|Test 4 (WIF to WIFI client w/64 bit WEP)||1194 KB/s|
|Test 5 (wired to wired LAN client)||9216 KB/s|
Screenshots of the tests can be found here:
The results that we received in our testing were typical with other 802.11g implementations. With each additional security feature, such as WEP and then WPA, performance took a noticeable hit. The same can be said for the number of wireless clients connecting to the AP. The amount of bandwidth available will depend on the security option chosen, such as WPA, divided by the number of clients.
VPNOne sort of misleading advertised feature with the BR404W is its VPN. Some users might see a VPN router and believe that there is no difference from one company's offering to anothers. This is not the case; the BR404W does not support remote client VPN into the router itself. Unfortunately, as mentioned earlier, for those who are new to VPN, the documentation does not clearly give the user adequate information to setup a VPN connection properly without spending an extended amount of time.
The flavors of VPN that are supported include VPN pass through and gateway to gateway mode. VPN pass through simply means that the router has the ability to allow VPN traffic to pass through the router's firewall. Gateway to gateway mode allows for the creation of a secure tunnel from the router to another VPN router over the internet. For example, connecting the BR404W from home to a corporate network's VPN router.
ConclusionAll in all, Gigabyte's attempt at a wireless VPN router was a pretty good one. There are minor annoyances with the web administration, which should be easily fixed in a future firmware. The VPN capabilities should be better documented on the box and the documentation itself. Too many average users do not fully understand that one vendor's implementation of VPN in their router is not necessarily the same as their competitor's, even if both companies use the word "VPN" in their marketing.
An added bonus is the fact that the wireless NIC can be removed without affecting the functionality of the BR404W as a LAN router. It is a nice touch that you are able to take the NIC out and plug it into a laptop for use on another wireless network, such as in a café.