Linksys (RV042) CABLE/DSL VPN ROUTER W/4-PT SW
1 beware of logging issue
This unit's default, non-editable rule for all outgoing connections is to always log. Unless you create some custom rules for certain traffic types, your firewall log will fill-up quickly with useless info.
Also, possible issue with it constantly interpreting a SYNFLOOD error on its WAN1 port when sitting behind a Paradyne DSL router - even with DoS protection disabled.
2 Firmware for RV042 lags the RV082...
I wanted a low-cost VPN solution and had been debating purchasing the Cisco 501 PIX firewall and Netscreen's lowest end 5GT VPN router (which costs $450 + maintenance/support contracts) before discovering this bargain model. Tom's Networking Hardware has a good review about the RV082 holding up with Netscreen's 5GT VPN router in performance tests, which pretty much convinced me to get this Linksys brand. I use the RV082 for our main office and the RV042 as a client in our remote office in mainland China, so I can't say for sure that an RV042-RV042 solution works. Note: If you intend to purchase this model and use it for an international location, however, you do need to purchase a separate 220 volt/1000 mA/12 volt adapter, since the unit only comes with a 110 volt adapter. (Linksys apparently has yet to provide a universal power adapter for this product line.)
I thought the RV042 would be exactly the same as the RV082 except with 4 ports instead of 8. However, I found that the firmware is still a bit behind the RV082 (the RV042 also does not come with an internal PPTP server, though this PPTP server is still not compatible with the Win2000/XP PPTP client). One major benefit of the RV082 is that it comes with a free VPN client called QuickVPN (downloadable in the same section where the RV082 firmware is located). Unlike other Linksys VPN routers, the RV082 using the QuickVPN client avoids the trouble of needing to follow a 16-page procedure for configuring a Win2000/XP client to access the VPN.
The RV082 firmware (v1.1.6.3) contains an "HTTP Service" option that must be enabled to provide QuickVPN support. The QuickVPN client appears to retrieve some VPN server information through https:// requests, which isn't evident unless you look closely at the wget_error.txt located inside the C:\Program Files\Linksys\Linksys VPN Client directory. The RV042 firmware (1.3.1) does not yet support this feature, but their current BETA version (v1.3.3) does (downloaded from linksysinfo.org). Linksys has yet to officially release this firmware, so be forewarned!
The RV units may also be compatible with other VPN brands. We had been using the really flaky Symantec 200 VPN units and managed to get one of the units to negotiate a IPSEC tunnel with the RV042 and RV082. You can use the VPN log feature to see if the negotiation works. Enable the keep-alive option in the Advanced features to help maintain a persistent tunnel too!
Instructions for QuickVPN and setting up the RV042:
1. Upgrade to the latest firmware version (1.3.3 beta off Linksysinfo.org. Additional note: There are reports of problems with the the 1.3.6 beta so have stayed away from using it.)
2. Inside the "Firewall" section, enable the HTTPS service. Make sure to Save Settings too.
3. Inside the "VPN" section, click on the VPN Client Users. Add a username and password that will be used for the QuickVPN Client. Make sure the user that you will be using is selected as Active.
4. Make sure that your client's NAT/firewall has IPSEC passthrough capability turned-on. If you don't, you may see that the QuickVPN client successfully connects but freezes at "Verifying Network".
5. Your client's IP subnet should not conflict with the other remote networks (i.e. Your client subnet should be 192.168.2.0 if your remote networks use 192.168.0.0 or 192.168.1.0)
6. Verify that the IPSEC services is running on your Windows machine.
7. If you are running Windows XP SP2, you need to disable the Windows Firewall. You may also see the connection established but QuickVPN get stuck at the "Verifying Network" message.
A good place to debug your problem is to look at the error logs in the wget_error.txt in the directory where the QuickVPN client is installed (i.e. C:\Program Files\Linksys). The wget program apparently tries to connect via HTTPS to the RV042/RV08 to obtain VPN server information. If the connection is successful, you can see several .conf files downloaded into the same directory.
One another note: Both the RV042 and RV082 have a second WAN port for load-balancing, but I've seen enough reports to stay away from using this feature until Linksys manages to resolves the issues in the firmware.
3 Potential 5 star product
The RV042 is a major step up from the typical low end router for a very reasonable price. It adds dual wan support, VPN capability, and 1-to-1 nat (ability to map multiple external IP addresses to multiple internal IP addresses including firewall controls). The web interface is intuitive. It's metal case is much sturdier than typical cheap plastic case of other devices. Overall the unit works very reliably and well. However, the documentation doesn't fully cover the advanced features of the system, so you end up using trial and error to figure out how to make things work. As of version 1.3.1 of the firmware it has a MAJOR bug if you're hosting a web site (or any other web services) on your device: you can't access your own website (or mail, ftp, etc) from inside your own network. Access to your web site will work from anywhere on the internet, but not from inside your own network! Overall, the RV042 offers tremendous functionality for the price -- hopefully, the bug will get fixed in a firmware update soon.
4 Good small business router
Strengths:
Great little unit for the high tech home. Load balanced Internet connection options are great. Decent firewall.
Weaknesses:
VPN is a little complicated to connect to from xp/2000 Client. Have to play with the IPSec settings.
I am using the RV042 and a RV082 to connect an office in the US with an office in East Europe. The VPN is working perfectly.
- Excellent performance.
- Very reliable.
5 Great, Fast Router!
This is a very nice business router - quick and much better than the cheap "blue box" consumer routers Linksys sells. It does, however, desparately need traffic shaping (i.e. QoS, etc.) capabilities like the other reviewer mentions to help keep all the new streaming protocols in check.
6 Good but Needs QoS
This is a good router - fast hardware, etc. But it needs more business features like QoS and bandwidth limitations (for things like VOIP). It barely has any more features than the consumer versions of their routers, which is a shame given the fast processor.
7 Good Firewall and VPN Router
Nice router, but does have a few bugs as other reviewer mentioned. Also, I wish they'd allow the filtering of port 113 (IDENT) - even the consumer firewall, the BEFSX41 does that! Once they iron out the initial bugs and put the feature set on par with the consumer routers - it'll be a great product!
8 Nice Product but Linksys/Cisco Need Better QA - a few bugs!
I like this router - it's very flexible for the administrator that wants a little extra power beyond the general consumer Linksys routers. It also looks and feels more professional than the standard blue and black Linksys plastic boxes. The downside - Linksys continues to ship buggy software. In this case it's not too bad (they reversed incoming and outgoing IP addresses in the internal log and syslog feeds). However, that said, I haven't dug too deeply .. we'll see! Hopefully they pay attention and send out fixes in the firmware soon!
