PDA

View Full Version : Router, Hub question


Casual_Shooter
08-03-2010, 3:49 PM
Hi all,

We currently have a 3Com OfficeConnect Secure Router and an OfficeConnect Hub (TP16C). Over the past few months, we've lost our internet connection a few times (intranet works fine) and resetting the router fixes the problem. Unfortunately, this router is no longer supported by 3Com so I'm thinking it's time to replace it.

We are on a DSL line. Am I correct in assuming almost any DSL router (we have a separate modem) will suffice?

Also, would there be any benefit to buying a router with the required number of ports and replace the two boxes - hub and router- with one box router/hub? We need approx 12 ports.

Thanks in advance.

Kodemonkey
08-03-2010, 3:56 PM
I have yet to run into a router that didn't work with DSL.

I have personally found that the wireless routers' radios go out fairly quick - so I don't spend much on them anymore. Cheap d-links seem to work pretty well, last about a year or so and you end up having the same problem you are experiencing. I used to buy more expensive cisco equipment and had the same issues with reliability. The small office grade stuff just doesn't last. But if you spend the big money on a high end router it will probably outlast the technology curve (I've got cisco 2120 routers still plugging away after 10 years).

So, my experience is to buy cheap and replace often.

You probably won't find a router that will have 12 ports on it. Just buy an inexpensive switch to hook up to it. gigabit switches are CHEAP nowadays.

my two cents...

Kodemonkey
08-03-2010, 3:59 PM
Do you do any port forwarding or inverse NAT?

Casual_Shooter
08-03-2010, 4:03 PM
Do you do any port forwarding or inverse NAT?

I should have added those details.

Yes, we have just started using Port Forwarding. Don't know what inverse NAT is so I'm guessing we don't use that.

I would like something with options to view logs of activity and manage "approved" or "blocked" websites to limit where users can go while at work.

Kodemonkey
08-03-2010, 4:10 PM
I should have added those details.

Yes, we have just started using Port Forwarding. Don't know what inverse NAT is so I'm guessing we don't use that.

I would like something with options to view logs of activity and manage "approved" or "blocked" websites to limit where users can go while at work.

Inverse NAT is just port forwarding but with the ability to have multiple IPs on the public side. If you have a single IP (on DSL you would most likely) you are just port forwarding.

The cheapo dlink I have can do port forwarding, but not inverse NAT. Most routers can port forward, but just check to make sure.

If you need to inverse NAT then you are talking higher end hardware and most likely a T-1 (not DSL). Just wanted to make sure I didn't point you in the wrong direction.

you will probably want to setup a syslog machine to capture logs on a cheaper unit, unless you go higher end and buy a sonicwall or something (I've used those before - LOVED them but they were expensive). The cheaper stuff has limited capacity for blocked sites. If you really want to crack down and block sites, I suggest the sonicwall route. you don't have to do much admin on them and they are dead easy to use.

socalblue
08-03-2010, 4:39 PM
Are you sure it's NOT the DSL modem? What happens when you reset just the modem after Internet loss? If it does require a router reboot that's OK - time to swap it out.

If you can fit it into the budget get a real firewall instead of a router (Juniper / Netscreen SSG5 or Cisco). You don't get packet inspection from a router so you can & will be compromised when port forwarding. The slightly more expensive routers "with firewall" do not have deep packet inspection capability (IE: waste of $).

Casual_Shooter
08-03-2010, 7:23 PM
Are you sure it's NOT the DSL modem? What happens when you reset just the modem after Internet loss? If it does require a router reboot that's OK - time to swap it out.

If you can fit it into the budget get a real firewall instead of a router (Juniper / Netscreen SSG5 or Cisco). You don't get packet inspection from a router so you can & will be compromised when port forwarding. The slightly more expensive routers "with firewall" do not have deep packet inspection capability (IE: waste of $).

Guess I can't say I'm "sure", but over the years of the DSL going out now and then, spending 2 hours on the phone with SBC was 118 minutes of wasted

SBC: "Ok, now unplug the modem and wait 60 seconds"-

Me: "Nope. That didn't work"

and 2 minutes of

SBC: "Well, I guess it's not the modem. Unplug the router and wait 60 seconds".

Me: "It's working now".

Casual_Shooter
08-06-2010, 11:07 PM
Well, strike one.

On the advice of a couple of friends, I bought a Netgear Prosafe FVS318. Installation was easy and there were no connection issues.

My problem started when I went into the programming. It appears you can only have one "Trusted IP". I need to filter access to other PC's, but at least two need to have unlimited access. It surprises me that the older 3Com (which I'm pretty sure was significantly cheaper than this Netgear) could allow this programming, but this "Enterprise" unit can't.

Back to the drawing board.

Casual_Shooter
08-07-2010, 9:40 PM
Strike 2:

Netgear N300 with "Live Parental Controls".

Unfortunately, that software only works with PC's and we're all Macs here at the office. Same interface as the other with the ability to only have one "trusted IP".

Third time was a charm....

Posting on a Netgear forum, it appears the FVS318 is the lowest level model but there is another model with more features- the FVS318G.

The "G" comes with significantly more features. It has the ability to group users. Then you can limit the access for those groups. Works for me. :)

Purchased it tonight and although the browser-based interface had a few hiccups (pages needing to be reloaded to show up) the end result looks like it will work well.

Referring back to the other thread- Journey or Destination, I can say the journey was a little rough, but reaching the destination felt good.

tools2teach
08-11-2010, 10:00 AM
I you have a small group of yours get yourself a dedicated firewall instead of a all in one. There are processors in the switch and in the router which means more work for the one device. Firebox or Sonicwall are good ones just to name a few. Cisco is expensive and there is a learning curve unless your you have a enterprise.

Stunata
08-17-2010, 7:16 AM
Purchase a router that supports Tomato firmware. Cheap and open-source.

http://www.polarcloud.com/tomato

I have installed these in several offices and they are quite robust.
Gives you lots of control over every aspect of routing/wireless etc.

locosway
08-20-2010, 7:06 AM
Get something like a Linksys WRT54G that supports aftermarket firmware. I haven't run Tomato yet, but I have run other opensource firmware on my routers and I love it. You get big boy features for a very low price. There's no reason to buy a Cisco or other high end router if you're just running DSL. The router won't improve your uptime, and your DSL doesn't have a SLA anyway.

Casual_Shooter
08-20-2010, 8:00 AM
While I already purchased the Netgear, I'm curious about the aftermarket firmware aspect.

I assume this lets you control the router differently than with what originally with the router?

locosway
08-21-2010, 7:17 AM
While I already purchased the Netgear, I'm curious about the aftermarket firmware aspect.

I assume this lets you control the router differently than with what originally with the router?

A router is just a small computer. The firmware on the router is the operating system. It's the difference between say, Windows and OSX, or Linux. While the default firmware is fine for most home users, the ability offered in the aftermarket open source firmware is huge! You can have your device do real QoS, or VPN.

I had my linksys setup to rewrite all DNS requests to OpenDNS. This made my filtering for my kids unable to be bypassed.