Selecting a Router with VPN Support

As noted in the previous section, typical SOHO and small-business wired or wireless routers support a single VPN tunnel at a time through a feature known as pass through. This feature enables VPN data to pass through the router without interference.

This is sufficient if you need to create only one VPN client connection to a remote server. If two or more people on the network, however, need simultaneous VPN access to a VPN server, or if you need to set up a VPN server for incoming VPN connections, this type of router is not sufficient.

SOHO and small-business router vendors take two approaches in providing additional VPN tunnels. Some models incorporate pass through for multiple VPN tunnels. Typically, routers that offer multiple VPN pass throughs can handle two to eight simultaneous tunnels (users). This type of router supports multiple outgoing VPN connections, but is not designed to host incoming VPN connections.

Routers with integrated VPN support include the encryption and authentication standards used by VPN clients such as IKE, MD-5 authentication, DES, 3DES, and others. Some of these routers are designed to support only outgoing VPN connections, while others support incoming VPN connections. Routers that support incoming VPN connections might be identified as supporting VPN endpoints or IPSec client/server. See the router's specifications or documentation for details.

SOHO and small-office router vendors such as D-Link, Linksys, and NETGEAR manufacture wired and wireless routers that support as little as 2 or as many as 50 or more simultaneous VPN connections. Depending upon the vendor, routers with support for multiple VPN connections or VPN endpoints might be identified as firewall routers, VPN routers, or by other names.