Linksys BEFVP41 EtherFast Cable/DSL VPN Router with 4-Port 10/100 Switch
Index

Compras Nikon
Bluetooth
The Instant Broadband™ EtherFast Cable/DSL VPN Router from Linksys provides the perfect solution for remotely accessing a networking securely over the Internet using cutting-edge encryption and authentication methods.

Utilizing 56-bit DES and 168-bit 3DES encryption, header authentication, and Internet Key Exchange (IKE) access control, the EtherFast Router’s full IPSec Virtual Private Network (VPN) capability provides complete data privacy for the access and exchange of your most sensitive data.

Dial into your corporate network to work from home, or even establish your own Virtual Private Network between remote office locations. The EtherFast Cable/DSL VPN Router is capable of conducting up to 70 independent Virtual Private Networking tunnels simultaneously.

Since the VPN Router is compatible with virtually all major operating systems and standards, it’s easy to set up and use, making the Instant Broadband™ EtherFast ® Cable/DSL VPN Router the perfect solution for your broadband needs.
1 VPN incompatible with ADSL service!
What Linksys does not tell you on their website is that their box does not support PPPoA (protocol used by Qwest and many other DSL providers). Great as a firewall but absolutely useless for VPN. I spent more than 30 days trying to get it to work, and then could not return it--very frustrating!
2 Basic functionality, and that's about all
I bought this router hoping that some of the quality in Cisco's excellent enterprise-market routers would have worn off on adopted child Linksys. Unfortunately, my experience has me convinced that Linksys is a red-headed stepchild (my apologies to all you red-heads) who has learned very little from its adoptive parent.

That being said, the router does work out of the box, and it is probably about par for current market offerings on home-network routers. My perusals of the DSL reports hardware forums have left me with the impression that all sub-$300 routers on the market suffer their quirks and behavioral anomalies, and this one is certainly no exception.


Pros:

This router is configured to work right out of the box. You can pretty much just connect the cables and turn it on, and have functional connectivity without ever looking at a configuration screen.
The HTML-based configuration interface is incredibly easy to use. You don't have to learn one single command line to configure this router.
Default configuration was stealth mode -- meaning the router did not respond to _any_ unsolicited connection requests, forming a protective "black hole" on my IP for most uninvited packets.

Cons:

Not all of the features worked out of the box. Several of the links in the HTML command pages simply did not link to anything. Strange that Linksys would ship the firmware without at least taking 30 minutes to hide the links that don't point to anything.
Turning on the poorly documented "firewall" feature causes the router to respond irregularly to unsolicited connection requests. Sometimes the router responds "port closed" to all requests. Sometimes it responds "port closed" to some and "port open" to others (the set of which does not remain consistent from one trial to the next). Never does it maintain the stealth operation of its default configuration (with "firewall" inactive). I'm not sure how the "firewall" in this router is configured to behave, but my initial tests suggest it is more security hindrance than feature.
The router's DHCP functionality works great -- when it works. It mysteriously disengages at random intervals, requiring a reboot (and sometimes a flash to factory defaults) to remedy.
Flashing a new BIOS image is risky; router failure during a flash means shipping the router back to the manufacturer - or File13, if the warranty is out.

For what it's worth, I am still using this router. It serves its basic purpose, and while its functionality issues are annoying, there are workarounds for all of them. I probably will not buy another Linksys, but the problems with this one aren't annoying enough to warrant a return.

-sean henning
3 BEFVP41 and Microsoft PPtP Servers
As you may have read elsewhere, this router has a problem with the GRE protocol used by Microsoft for their PPtP server (see Alan Bryant's May 27, 2004 review).

This will stop you using it with the built-in PPtP VPN client/server which is provided with Windows 2000/XP.

Here is the text of a complaint I have submitted to Linksys...


"I am attempting to operate a Microsoft PPtP server behind a BEFVP41 (firmware 1.41.1). I have PPtP Pass Through enabled and port 1723 forwarded to the fixed IP address of the server but the router refuses to pass the GRE protocol used by Microsoft (Protocol 47).

In answer ID 737, you suggest forwarding port 47 presumably in a belief that this has something to do with GRE. It does not and is therefore not the solution to this problem. GRE does not use TCP/UDP port 47, it is 'Protocol 47', something entirely different.

It seems that the the writer of answer 737 has neither tested this scenario nor has a true understanding of the nature of this problem.

I and others have investigated this problem extensively using protocol analysers at the client and server ends and can only conclude that the present version of firmware in the BEFVP41 (1.41.1) is incapable of handling the GRE protocol correctly.

Can you please advise when a fix will be implemented? This is seriously devaluing an otherwise good product.

I also suggest that you amend answer 737 as it is misleading and will frustrate others less versed in IP protocols than myself."


I await a reply from Linksys as I write this review.


Having said all that, if you have no interest in running the Microsoft PPtP server, the BEFVP41 may do everything else you require.

It functions okay as a basic NAT router and it's stealth capabilities are good (Steve Gibson's 'Shields Up' reports 'True Stealth' as long as you forward port 113 to a non-existant host).

The in-built IPSec tunneling works well. I am using one to provide permanant tunnels to a number of BEFSX41's very reliably.

The web interface is a little odd at times but it does do the job reasonably and you do get used to it eventually.


To summarise:

A reasonable basic NAT router.

Very good stealth.

IPSec tunneling works okay (at least to other Linksys products).

Microsoft's PPtP server will NOT work with the current firmware version.

4 Do yourself a favor - get a NetGear FVS328
I've been using this router for almost 2 years. Recently it just stopped working - I think it finally burned out, probably due to all of the heat it generates while running. Besides that, I found that it was very slow, compared with other routers. Its VPN implementation works OK, but its slow also - I don't know why, since its hardware!!! I replaced it with a NetGear FVS328, I now my VPN connections are about 4 times faster, and my regular web browsing is a lot faster. Do yourself a favor get the NetGear!
5 Considering the price, it's pretty good...
I found this box when looking for an affordable firewall and vpn solution for remote users. On site, we're using Symantec products, including Velociraptor and their firewall V 6.5.3. The Symantec products are quite expensive (in the thousands of dollars) and count user licenses. Symantec support was absolutely horrible at a cost of nearly a grand a year. So, when pricing firewalls (especially with vpn) the linksys is absolutely dirt cheap.

When testing vpn solutions, I found IKE unreliable regardless of manufacturer, particularly when mixing different manufacturers (i.e., Linksys connecting to Symantec). I bought support from Symantec specifically to resolve VPN issues. The most intelligent comment that I received from them, is that VPN is still new to the extent there are not clear standards, so some products simply will not work with those from another manufacturer. In our organization, we have Netscreen 5xp (about $500 for a box smaller than the linksys) Sonicwall, Symantec (several flavors) and Linksys. The Linksys boxes are used remotely (in homes) only.

So, when working with IKE, I have some experience using different products from different manufacturers. I just don't use it. All tunnels are created with static keys. By far, the most difficult products for which to build tunnels are the Symantec products. The naming conventions are absolutely counter-intuitive, i.e., is it the integrity algorithm key or the privacy algorithm key that establishes the connection vs encrypting the data? The Linksys fields are much more intuitive, and similar to those of other manufacturers.

With the (also expensive) Sonic firewalls, it was not possible to build 3DES tunnels with the Linksys due to limitations with the Sonicwall. I'm able to use 3DES tunnels between the Linksys and Symantec products. I'm only able to build 3DES tunnels between the Symantec products and SOME Sonicwall products. This goes back to lack of a clear standard, restrictions on key length, some products allowing non-standard characters, and others not, etc. The Linksys is very configurable with these more expensive products, and it is the more expensive product that usually is the problem.

Regarding reliabiliy, I work from home on a daily basis, and the tunnel will remain up for months at a time. If the firewall service is restarted on the Symantec product, the tunnel drops until it is reset on the Linksys. This can be done by disabling and re-enabling, or simply rebooting the router. I simply do not worry about hacks to my home PC which runs 24x7.

Over all, the product is fantastic considering the price. For those who've been very negative, I can only say that I've not experienced it with at least half a dozen in service, and suggest that they try some other products to gain a more true comparison. I've also called Linkys support a couple of times, and consider it reasonably good. Perhaps they're not experts, but it was far less stressful than talking to Symantec (costing nearly a grand per year for the privilage) only to find a support tech that was overburdened and over stressed (perhaps from handling a complex and difficult issue for the gazzilionth time) and who made it absolutely clear that you'll come away feeling like a bumbling idiot each time you call. Consider that you get what you pay for, and paying allot is not a guarantee that all will go well. I'm a network admin for a small company.

6 A disappointment all around
I purchased a pair of Linksys BEFVP41 units to connect two office networks, and to provide for secure remote network access through VPNs to mobile users. While the units performed the former job adequately, the latter left a lot to be desired.

I should have known better when presented with Linksys' confusing marketing information. In one breath (from their web site) they say, "No IPSec VPN Client Software Needed," while in another say, "Mobile workers can also connect to a corporate network using an IPSec based VPN client software solution." As usual, there's a slight gulf between marketing spin and reality.

For PC-to-box connections, such as those with mobile users, it's true that no special client software is needed. Windows 2000 and XP users can, in fact, connect to the BEFVP41 without special software, but only if the computer has a static IP address. Whether on local networks or in a coffee shop hotspot, it's unlikely the typical desktop user will have a static IP address, which translated means that, in fact, VPN client software IS needed to make these units useful in that remote network access role.

That's because the BEFVP41 supports only IPSec. Commonly used Windows-based VPNs use PPTP or L2TP, both of which are built into Windows. But this unit (and most others) doesn't provide PPTP or L2TP support.

Back to the requirement, then, for aftermarket IPSec VPN software. The software is not inexpensive, and it adds considerably to the total cost of this Linksys solution. I tested the IPSec client from French company TheGreenBow, and it does work. The problem is that there is no DHCP or other types of dynamic addressing or DNS support; it's merely a "raw" network pipe. For most mobile users, this isn't going to be particularly functional, and that's especially true for users of networks that use Windows Active Directory. (Perhaps the other recommended option, the SoftRemote VPN client, addresses this, but either way, it's a costly add-on.)

All of this left me searching for ways to get PPTP support without buying other hardware. The suggestion widely made was to merely configure a Windows server behind the firewall to offer PPTP, and configure the Linksys BEFVP41 to pass PPTP through. Simply put, this doesn't work.

Linksys' web site features a tech note on how to configure this very scenario. However, had anyone at Linksys actually TESTED the tech note, they would have discovered it doesn't work. The tech note suggests port mapping ports 1723 (PPTP) and 47 (supposedly for GRE, a protocol necessary for PPTP to work properly). The problem is that "47" is NOT A PORT NUMBER, it is the PROTOCOL number of GRE. Mapping port 47 in the firewall has absolutely NO IMPACT WHATEVER on the GRE protocol. Whoever wrote the tech note clearly has very little understanding of the subject matter.

It is possible that some Linksys firewalls will work with PPTP pass-through, but the BEFVP41 clearly does not. Empirical evidence suggests that the GRE protocol is not properly handled internally to support the pass-through scenario. The connection can be made to port 1723 on a Windows server behind the firewall when passed through the Linksys, but without proper GRE handling, the VPN connection can't actually be established.

When you add to all of this a remarkably clunky web management interface, the Linksys BEFVP41 is a non-starter for me. Both units are on their way back to Amazon.com as I write this review. After a previous experience with the company where they took forever to update drivers to fix a compatibility issue; after seeing technically inaccurate tech notes on their support web site; and after adding-in this experience, I'll think twice before bothering with anything Linksys again.

My chosen replacement for the BEFVP41 (a pair of CyberGuard/SnapGear SG300 units) have already arrived, and have proven themselves to be far more flexible, more configurable, and more powerful than the BEFVP41. Along with their configurability, the SG300s provide PPTP and L2TP support directly (in addition to IPSec), making a total solution that (unlike the BEFVP41) TRULY doesn't require special software clients to offer a total office-to-office and mobile-to-office network solution.

7 save yourself time and stay clear of this broken product
As others have pointed out, the WAN side of this linksys box constantly crashes.

If you do not host servers inside the firewall and don't need VPN, then this works OK. But there are products that can do what you need for half the price.

If you host servers, be ready for constant disconnects: this linksys is a time wasting piece of junk.

In addition to constant WAN crashes, you'll also have to deal with documented bugs that linksys refuses to fix.

8 Worked for a month -- then died
I installed one BEFVP41 at the office, and one at home, with a VPN tunnel connecting the two. At first, I thought I won the lottery: setup was easy and it actually worked fine. After one month, one box is acting up. It died, and I cannot get it to work with the VPN feature. As soon as I configure a tunnel the whole router loses all settings and needs a factory reset. Phone support cannot help beyond the factory reset. Don't have an alternative right now, so I will buy another one in the hope that I keep 2 out of three working.
9 Works perfectly if used within its limitations
I have a small office network that I wanted to be able to access securely from home. I did a TON of research to find the most robust and cheapest solution. Those searches lead me to the BEFVP41 for the office and the FREE SSH Sentinel 1.3.2.2 VPN client for home which can be downloaded at http://www.olin.wustl.edu/computing/reference/wireless/ipsec.cfm . A tutorial on how to set this whole thing up can be found at http://www.homenethelp.com/vpn/router-client-v13.asp .

It is very important that the BEFVP41 have a static ip address for the wan side. If you don't have one, ask your ISP for one, otherwise forget about doing VPN. Also, make sure the office subnet address is different than the one at home. SSH Sentinel doesn't appear to support netbios broadcast, so you won't be able to browse the office network when you connect. However, you can access each computer by their ip address. If you have a dhcp server that can allocate static addresses, then this is not a big problem as the address won't change on you.

I was able to set the whole thing up in one hour by carefully following the tutorials. However, I am VERY experienced with networking so your mileage may vary. What is great about this setup is I can log into my office securely from my laptop from any hotspot. The next time I visit Starbucks, I'm bringing my laptop.

By the way, you can buy a second BEFVP41 or the cheaper BEFSX41 for the home. This way you can log onto your home network from the office. I didn't need to do this so there was no point in spending the extra money. However doing it this way will allow you to browse the computers on the network. Also, don't waste your money on the USBVPN1 USB adapter. If you can't hook to an ethernet port, it won't work(i.e. any hotspot).

Good luck!

10 Great VPN Box for the Money
I've read several complaints from people who can't get the VPN features of the router to work. Well, I can say in fact it works pretty well. The setup is difficult (as is with any VPN setup) but once you understand "exactly" how each parameter should be set, it does work. I've setup several connections to the VPN at my site with both the W2K and XP IPSec client software built into the OS. I rate it 4 stars because I've experienced some glitches with the unit (resets itself randomly), but it doesn't seem to be a problem that can't be fixed with a more current firmware upgrade. The overall features of the router are fairly impressive. However, if you need something a little more advanced, have a look at the Linksys RV082.
11 It does the job
I bought this Linksys product to connect two homes into a single virtual private network using a cable modem at each home. This setup requires using two of this product.

Since installing the product, everything has worked great, and I can access all of my files on any computer at either home from the other seamlessly. My only complaint is that access is a bit slow, but this is probably a function of the internet, rather than this product.

That said, I generally have a poor impresion of Linksys products, particularly given the problems that I've had with their WAP 11. Furthermore, Linksys has very poor technical support (they've transferred a lot of their technical support offshore). Thus, if you can find another product that will do what you want, you should consider it.

12 Worked for 2 months then died
Tech support is below average using call forwarding to India. Unit worked for two months then died. During that period, the two units would crash every day or two. This product does not work for small businesses.
13 It just doesn't work.
So many problems:
1) If you plug in a 10Mbps downstream device, the router will crash on the first packet collision. This is true even if the 10Mbps device is another Linksys router's upstream connection!
2) With only 100Mbps downstream devices, using an IPSec tunnel causes the router to crash intermittently. I've seen it stay up as long as six hours and as little as two minutes. This seems to correlate with how busy the upstream network is. I'm on a cable modem to a shared segment; when my neighbors start big downloads and the activity light goes nuts, the Linksys crashes quickly.
"Crash" here means that the router goes through its power-up sequence: light the red DIAG LED, wait a few seconds, turn off the red LED, wait a few seconds, and repeat. It won't stabilize until I unplug all devices so it won't see a packet collision during init.
I upgraded to latest firmware. Didn't help. I sent back the unit and got a "factory reconditioned" exchange. Didn't help.
3) Linksys phone support is useless. Toll-free and worth every penny. They operate off a few scripts, don't understand what they're saying, don't speak clear English.
4) Linksys email support is even more so. In addition to being of no help, they are obstinate and insulting.
Such a shame, every other Linksys product I've owned has worked flawlessly.
14 for small scale VPN go somewhere else
As usual, Linksys was very easy to set up, also nice the built in DynDns support, however VPN is not quite up to the promise.

If you are not connecting two routers, you WILL need additional client software, and there are no free clients available.

For VPN go with a Netopia R910, it can act as a client and/or server plus it support Windows built-in PPtP.

15 Keep looking ... I will tell you where
The VPN causes the whole box to stop working. If you need a VPN look somewhere else. I am considering the Netgear FVS318
16 VPN Bargain
A simple and inexpensive VPN router best suited for connecting fixed endpoints such as remote offices. No, it doesn't have all the options of it's bigger brothers now that it's a Cisco product, but it's an order of magnitude cheaper and the current firmware version is solid. A stateful packet inspection firewall, hardware IPSEC VPN with up to 70 tunnels, DHCP server, and 4 port 10/100 switch for $100, with no expensive client software to buy? It's a great deal.

If you're considering VPN for connecting offices, shell out a couple of bucks and buy a fixed IP from your ISP - never try using it with DHCP like some disappointed reviewers. If you're planning to connect to your company VPN from home, ask your network experts first about compatability. I got it to work with the racoon VPN client on a Mac laptop over a wireless connection, so it's gotta be pretty compatable with IPSEC standards.

17 Disappointing
I have and still use this product, but the problems with it are serious for the non-technical user and technical user alike.

There are problems with the firmware and the DHCP on the WAN side (for those who don't know, if you get your IP assigned to you on the fly by your ISP when you log in, you're getting a Dynamic IP using DHCP.)It will cease to update properly after a few days. The only way to fix this is to reset the router either by powering it off and on, or by forcing a soft boot of the router. Neither is a good option.

The VPN software will work with XP & Win2k but only if you have a static IP to go to. This too is a firmware problem. Also the event logging and SMNP reporting ceases to perform after only a couple hours at most.

The Linksys service people will not acknowledge there is a problem unless you point to the Broadband webside and all the regularly reported problems from others. Their immediate response is that it must be you or that specific box (it's not, it's the firmware).

I got this router because I'd had good experience previously from Linksys. Their other products are decent, but this one is heading towards the lemon pile fast.

I AM connecting still using this product, and the features for port triggering and other aspects of the products features do work, but I had to do a dramatic workaround to make one of my computers force a reset every 8 hours to keep it working all the time.

Look at other products first.

18 Worth every penny
This is a great router. Not just because I use Linksys for my networking, but because it is priced reasonably and has a lot of functions through the built in admin functions. It's great if you have a hard wired network...if you're looking for the home office or whole house service, you may want to consider going wireless. In the end wireless would save some headaches.
19 Easy VPN setup, but requires massive amount of maintenance
The Basic router functions and VPN setup are easy to perform and work well.
My problem is with the DHCP WAN connection. I have
two of these units on RoadRunner and neither will renew the
DHCP connection when it expires. Using the DHCP renew button on
the status page does not work either.

As a result, we have to cycle the power on the BEFVP41 several
times per day to re-establish the DHCP connection.- a real
pain! Of course many times this results in a new IP address,
so I must change the security settings on the VPN to allow
the new client IP addresses to connect. This router takes
far more maintenance than it is worth - I could easily afford
to spend 10 times the money on the hardware if the maintenance
issues went away.

20 Misleading Features and no Tech Support
This product does not support popular L2TP or PPTP connections, but requires specialized IPSec client software to work (which is not supplied). It should in theory connect easily to another Linksys VPN but connecting to it while traveling is really not an option. The Windows 2000 or XP VPN clients can't connect to it.
Their advertised Windows connection is really only applicable to a fixed IP environment which is very misleading.
Tech support was not helpful (even hanging up on me) recommending only to purchase another software client to connect to it, that costs more than the router. When I did as recommended, they refused to guide me on how to configure this expensive software. I don't recommend this product at all, avoid unless you are connecting 2 Linksys VPN boxes to each other. Look for a VPN router that either comes with its own client or works with the free Windows client, otherwise you're spending big money and endless hours of configuration.
21 Great solution for small business'
I set a small business up with 3 of these routers. The two remote branches initiate tunnels back to the main branch and they all operate as if on the same LAN. They are able to map drives and have an inventory program running that uses a distributed database. This is a great, low-cost solution for such an application!
22 Good for nothing
(Tech support issued have already been described.)
For me, a casual home user with a recurring urge to VPN to the office, it is important that the thing just work. It doesn't.
It crashes (apparently, on the WAN side only) with symptoms ranging from DNS failure to complete disconnect, and up time ranging from mere seconds to 4 days max. I couldn't identify a "killer app" but I noticed that running VNC over VPN helps kill this poor device.
I returned the unit as defective and got back another one, "certified to comply..." Same story.
I've decided to just write off this bad expense. Looks just like what Linksys wants me to do.
23 Ill-trained tech support.
You better not rely on Linksys tech support for any expert knowledge and help.
They follow certain standard scripts and if things get a bit complex they are essentially lost. And so are you.
They'll make you work with their "reset and re-flash" routine wasting your time, when problems lie elsewhere.
I bought two units but when one acted strangely and then failed a lot of wasted time was spent on the phone doing irrelevant things and often getting wrong information.

When the units work it was great. Buy the units if you are confident that your prayers will be answered that you'll never encounter a defective unit. Or if you enjoy spending a lot of time on the phone with ill-trained technicians.

24 Be Aware of Terrible Customer Service
I own few Linksys products and have to admit that when they work, they do perform well in SOHO environment. (Unfortunately my last BEFVP41 unit wasn't too long lived, it died 6 months after I have purchased it.)
However if you are anything more than just casual internet surfer and you heavily depend on reliable access to the net I would highly discourage you from purchasing it due to very poor customer support system Linksys has in place.
If you need to replace your defective unit be prepared to cope with the incompetence of their RMA system ("sorry sir, our database is down again") and long wait for the replacement unit, even when using the advance replacement option. Unless you can afford the downtime, or have a spare router, do not bother buying Linksys.
If you live in Hawaii or Alaska Linksys will make you pay for half of the shipping cost back to you! It's clearly a company that doesn't particularly care for its image and neither for truly satisfied customer.
Oh, and did I mention to be prepared to shell out money on long distance calls (no 800 number) every time when you attempt to contact their customer service.
Sorry Linksys, you do not deserve anything more than one star with such lousy customer service.
25 Worked well, then failed. poor customer service
i bought this product for its feature set -- 70 VPN tunnels, DHCP, PPPoE for xDSL, convience of setup and use. all of that worked fine for roughly 8 months, then the box died -- no lights, no activity at all. to their credit, LinkSys Tech support were quick to offer a replacement part, but that was a week ago. in four days of multiple telephone calls, multiple promises that the replacement product would "ship today", and lastly a personal promise that a replacement would ship, i still have no idea when or if i will ever be able to replace this product. i probably should have purchased something from Sonic Wall instead.
26 Outstanding Product, Outstanding service from Amazon.com!!!
You can't possibly buy this item from any better place for a better price, for better service. Amazon.com is byfar the best online purchasing company I've found yet. 5 ***** to you Amazon.com!!! Thank you for incredible service, and very fast shipping.
27 Connected 3 locations 40 PCs and 2 core operating systems
The Linksys VPN Router gets the best results when you use one on each end, up to 40 tunnels. It took me 20 minutes per router to set up and make a permanent VPN connection. I did get one bad router. Each router must have exactly the same settings (That is what makes a VPN). On one router installation, I couldn't get a VPN connection. After checking the log, I found that there was a Crypto Sub-System error on that unit that prevented it from operating properly. I returned the defective unit and received a good one. With a properly configured VPN, there is no reason for IP forwarding or using the DMZ application. A Microsoft Domain controller, A Unix server, a main frame, 40 PCs, and several print servers are working together like they were in the same office. Linksys did a great job with this device. If you experience problems, it is likely to be your settings. Afterall, VPN is a rigid security application.
28 Another Winner From Linksys, But It's A Challenge!
The router/switch/NAT features of this little box work just like the other Linksys products in this line -- and just as well. What's new is the IPSec VPN support. You can set up secure tunnels over the Internet between two or more LANs using one of these boxes in front of each LAN. Alternatively (or in addition) you can set up a tunnel between a standalone remote PC and a LAN that has one of these routers *IF* the remote PC supports IPSec. Windows 2000 and XP support IPSec but Windows 9x/Me/NT do *NOT*. (If you want a Windows 9x/Me/NT PC to connect into an IPSec VPN, you will need a 3rd party IPSec driver, or just buy another one of these boxes to put in front of the PC.)

Configuring IPSec on a Windows 2000 or XP PC is not exactly easy either -- Linksys' how-to document is SIXTEEN PAGES long! But the difficulty is not Linksys' fault -- rather it's due to Microsoft's tortured GUI for the IPSec configuration.

But setting up a tunnel between two of these boxes is easy. It's only the standalone PC to LAN tunnel that is daunting.

I want to give this product 5 stars. It works very well, and the price is almost too good to be true -- it compares quite favorably with other products costing 5-10 times more. But I have to take a point off because Linksys does not give enough emphasis to the Windows 2000/XP limitation of the standalone PC VPN client in its marketing copy, and there is not one word about how to configure the standalone client in the manual that comes with the router -- you have to hunt for it on Linksys' Web site. From what I see on the discussion boards, there are a lot of people who are lost without better information on these points. So if you plan to use a standalone VPN client, be prepared for a struggle, but hang in there -- it DOES work!

29 Excellent Value, performs well
I have 30 of these units at customer locations who connect to our head office to sell a service through the encrypted VPN tunnel. Easy to setup, connects to any standardized VPN box, remotely manageable, good throughput and the price is bar none the best out there. Go with Sonicwall and you have to buy licensing for every feature you want to use. No licensing on the LINKSYS. For the guy who was complaining about the port forwarding and the port triggering, you probably were doing something wrong as I have both port forwarding and port triggering enabled on my boxes and doing more than one address. It helps if people read instructions. The port forwarding info is in the help file on the router.

"Port Triggering
Some Internet applications or games use alternat ports to communicate between server and LAN host. When you want to use those applications, find out the ports used by them and fill the triggering(outgoing) port and alternat incoming port in this table. The router will forward the incoming packets to LAN host
"

So if you wanted to setup a VPN tunnel and use a application that you wanted going through port 5000, outbound on the Linksys and Inbound on another VPN router, that's what it's purpose is.

Highly recommended

30 Useless firewall
The firewall is useless if you have more than one machine behind it. The port forwarding does not allow ranges of internal IP addresses, and if you specify more than one the the port stops working for ALL addresses.

For example, want to open TCP/123 for NTP synchronization? Have more than one machine? If you don't forward the port, you can't connect to the NTP server. If you forward one IP, it works, but if you forward both IP addresses, neither of them are able to connect to NTP.

There appears to be no support for RTP/RTSP streaming (e.g., QuickTime), though there is a mysterious (and essentially undocumented) "port triggering" feature. Absolutely no idea how this is supposed to work; the docs are nearly useless and there is nothing on the Linksys web site.

In spite of the claims in the data sheet, it could not connect to the common IPSec VPN my company uses. It does not offer the option of logging firewall violations, so troubleshooting is very difficult.

I'm using the latest firmware 1.40.2.

31 Made life much easier...
When I had a DSL program running on one of the computers in my house and wanted to add it to others, I didn't want to buy brand new packages to set up the computers that were in need of DSL. I was recommended this product so I could route the line from one computer to the two others. Now with this wonderful little router, I have DSL hooked up in three of my home computers. This has made internet life much easier and this way nobody has to worry about having to get offline to use the internet. Everybody can just use the internet at the same time.

The box itself is ingenius in itself. You are able to route up to four cables into this box meaning that you can use the DSL on up to four computers at the same time! This was indeed a blessing. The installation for this product is very quick and in no time you will be surfing the net. I recommend this router to somebody that wants to get up to four computers hooked up to a DSL. This is ideal for an office or a home with more than one computer with internet access. This is recommended and will make life much easier.

32 Cheap VPN
I've been lookiing for a solid, inexpensive VPN solution for quite some time so I was pleased to find this little router. I had no problems configuring the unit to connect to a Watchguard Firebox II and a Nortel Networks Contivity 100S, both of which inhabit my equipment rack at the office. Configuring VPN's can be frustrating if you are unfamiliar with the technology but this product has a very simple interface and a bit of time spent educating yourself about IPSec will ease the setup.

Highly recommended.

33 Buyer Beware
I saw this router recently at a local computer store and was excited to find a device that would enable VPN connections. So, I bought the Linksys BEFVP41 EtherFast Cable/DSL VPN Router w/4 port Switchrouters and brought it home in anticipation of a faster connection and establish a VPN connection to my office. Disappointment followed, after four hours of struggling with the installation, which included loading the latest software within the router, I called the help desk. I was informed by the help desk that the reason I was unable to make configuration changes to the router was due to a software defect within the device. I exchanged the device for another one. This one had the exact same issue. I exchanged the router for a flat screen and more basic router that I am pleased with.
34 an affordable VPN box
I am attractived by the aggressive price firstly.
But it did works fine. The VPN setting is introduced
step by step to establish a tunnel quickly between
router and win2K.

Tuesday, 02-Dec-2008 13:38:40 CST
Quote of the Day:


	An older student came to Otis and said, "I have been to see a

great number of teachers and I have given up a great number of pleasures.

I have fasted, been celibate and stayed awake nights seeking enlightenment.

I have given up everything I was asked to give up and I have suffered, but

I have not been enlightened.  What should I do?"

	Otis replied, "Give up suffering."

		-- Camden Benares, "Zen Without Zen Masters"






Q:	How many Californians does it take to screw in a light bulb?

A:	Five.  One to screw in the light bulb and four to share the

		experience.  (Actually, Californians don't screw in

		light bulbs, they screw in hot tubs.)



Q:	How many Oregonians does it take to screw in a light bulb?

A:	Three.  One to screw in the light bulb and two to fend off all

		those Californians trying to share the experience.