Dual Wan vpn router recommendation

[Chris TT]

Looking to replace my TPlink tl-r470t+, which in a prev post someone says is rot. All cameras blocked from wan, but i want to close bi port and implement vpn. New to vpn. Willing to spend up to $200 for ease of implementation, stability, security. I have 2 young kids can't spend whole day tweaking and playing with my network anymore!

Need a dual wan, vpn router. For home use. Currently; 3 access points, 9 cams, bi4 pc, veralite, teamviewer, plex, alexa with habridge, noip. 60down, 20up cable modem and backup adsl modem.

Read that Asus is recommended in Nayr post for newbies, but can't find a dual wan Asus. Looked at cisco rv320k9na and linksys lrt224 but the reviews are so mixed. !

Oh 1 more thing, when my tplink switches to wan 2, i have internet internally, but unable to remote access anything including teamviewer, even if you use the public wan2 address directly... Hoping better router can handle this.
You assistance is appreciated!

 

[bogi]

The DSL-AC88U (ASUS) does have two WAN Ports.
Maybe you can also have look into pfsense(or a different software) and build your own router.

 

[fenderman]

The DSL-AC88U (ASUS) does have two WAN Ports.
Maybe you can also have look into pfsense(or a different software) and build your own router.

it only has a single wan port..the other is an rj11..

 

[Chris TT]

Thanks bogi, thought of building my own, but since i want to get a more robust router anyway, decided on the hopefully easier route.

Thanks for clarifying fenderman.
Any other recommendations?

 

[fenderman]

Thanks bogi, thought of building my own, but since i want to get a more robust router anyway, decided on the hopefully easier route.

Thanks for clarifying fenderman.
Any other recommendations?

if you are up for building your own, check out untangle...it will also run on one of the newer linksys models i think 1900, check their site..it has a really nice interface and the free version is great..they offer a paid version for 50 bux a year that has lots of features that you would pay much more for in an enterprise settings..

 

[Chris TT]

if you are up for building your own, check out untangle...it will also run on one of the newer linksys models i think 1900, check their site..it has a really nice interface and the free version is great..they offer a paid version for 50 bux a year that has lots of features that you would pay much more for in an enterprise settings..

Thanks fenderman, will check it out. Still open to router suggestions.

 

[rnatalli]

ASUS definitely makes some of the better consumer routers and they'll often take most of the custom firmwares (Merlin, DD-WRT, Tomato, etc.), but have you considering moving to something more advanced like Untangle, pfSense, Sophos UTM, etc. I only mention it as consumer routers even those like the LinkSys 1900 with dual-core ARM processors tend to choke a bit when handling more intensive loads such as OpenVPN whereas a modest x86 platform does better.

 

[rnatalli]

if you are up for building your own, check out untangle...it will also run on one of the newer linksys models i think 1900, check their site..it has a really nice interface and the free version is great..they offer a paid version for 50 bux a year that has lots of features that you would pay much more for in an enterprise settings..

It is the 1900. Here's the link:

Linksys WRT1900ACS - UntangleWiki

 

[bug99]

Both the ASUS RT-66U_B1 and the 68U (at least) support dual WAN in their firmware. I have not used them in this mode however, so use at your own risk. I suspect that simply having a 5 port switch between the WAN modems and the router and using the ASUS free DDNS service will allow you to work well with OpenVPN in either fail-over or load balance mode.



Edit: I was messing around with this a bit and It looks like you can chose USB (usb modem ex LTE etc) or LAN as your secondary WAN, and then chose the LAN port to use (1-4). It sounds like it take around 70 seconds to fail to degrade and switch to the secondary WAN and then 70 seconds to switch back tot primary when it is back up. Also, I hear that load balance mode never works well without owning both ends of the pipes. This could be very useful with an LTE modem for almost uninterrupted service when Comcast goes down.

 

[bug99]

if you are up for building your own, check out untangle...it will also run on one of the newer linksys models i think 1900, check their site..it has a really nice interface and the free version is great..they offer a paid version for 50 bux a year that has lots of features that you would pay much more for in an enterprise settings..

Untangle Sounds interesting. I am curious about the free version. what do you get compared to stock router NAT plus firmware? Is the $50 / year basically DPI of a full blown firewall on a home router (ex Linksys) without the $500/yr price tag (or 5x of this for 100 users)? For those prices, is it comparable to Sophos and Sonicwall if run on a 1U i7 appliance?

 

[ldasilva]

i use Peplink SD-WAN. Protecting Business Continuity.
2 dsl lines and a cell connection

 

[fenderman]

Is the $50 / year basically DPI of a full blown firewall on a home router (ex Linksys) without the $500/yr price tag (or 5x of this for 100 users)? For those prices, is it comparable to Sophos and Sonicwall if run on a 1U i7 appliance?

I am just toying with it now, but yes...

 

[NoloC]

I am just toying with it now, but yes...

Curious what hardware you are using? If you buy theirs on the website you pay about $400 for an arm processor box. Would be nice to have more powerful cpu without adding to the power bill much.

 

[Chris TT]

Great options in the conversation. Peplink looks perfect, ldasilva, but price tag is about $100 more than i want to spend, and i have to add duties, taxes, ship, etc to my country.

Untangle and others look superb, but more options than i can digest.

Bug99, going to take a look at the Asus with dual wan....

 

[fenderman]

Curious what hardware you are using? If you buy theirs on the website you pay about $400 for an arm processor box. Would be nice to have more powerful cpu without adding to the power bill much.

I have a spare elitedesk i5-4590...i believe it tested 16w at idle... modern Intel processors are very efficient...an i3 will be more than enough...

 

[brentkhack]

I just bought the ASUS RT-AC3200 that is dual WAN and has VPN.

 

[Chris TT]

Both of the Asus handle dual wan and Vpn. Don't know why the dual wan feature is buried in spec sheets. Thanks for the recommendation.

Can either of you tell me how the Asus handles failover?
Is the network accessible remotely via wan2 in failover?
How does it handle dns in failover?

 

[Ford]

The best deal is the ubiquiti Edgemax routers. They will do multi WAN (load balanced and/or failover) and VPN and are dirt cheap.

They are enterprise grade but there is no subscriptions required. You will have to use the CLI to implement the advanced stuff and it can be a steep learning curve, but they really perform (up to gig speeds on the WAN) and you will be hard pressed to out grow them.

And you are all set to migrate to the unifi access points when you get tired of consumer-grade junk.

 

[rnatalli]

The best deal is the ubiquiti Edgemax routers. They will do multi WAN (load balanced and/or failover) and VPN and are dirt cheap.

They're definitely a great deal especially their UniFi AP Lite. The only downside to their routers are the GUI as they still depend heavily on CLI. I don't mind that, but it isn't for everyone.