Review of the SnapGear Lite+ VPN ROuter

SnapGear Lite+ / Lite VPN Router 

from SnapGear

Score: 3 out of 3 

Review Type: Hands On

Reviewer: Chris Kaminski 

Date: Feb 18, 2001

Firmware: 1.5.1

Link: SnapGear

The SnapGear Lite VPN router’s feature set is enormous, but unwieldy for a beginner. The SpapGear Lite has Linux at it’s heart and the manufacturer has exposed as many configuration options as possible. This is GREAT for an advanced user, but anyone else might get quickly lost. When the developers had a choice between ease of use and feature set, they seemed to always choose feature set.

Even though this router is complex to configure, I have to give it a 3/3 because of it’s nearly unrivaled feature set in this price range. The simple fact that the router contains both an IPSec and Microsoft compatible PPTP VPN configurations is worth the price and probably the hassle.

Setup was a bit strange for this router compared to other home broadband routers. Because it does not come configured with an IP address. The manufacturer assumes that you already have a DHCP server on your network. Running a simple EXE can assign an IP address to the box, but it is an extra step that could have been avoided. I understand that SnapGear chose to take the path that would NEVER interfere with existing network infrastructures, but honestly it makes it hard for the basic home user to install.

Once you are connected to your router, administration is very similar to other routers. The web based interface is not flashy but contains all the information you are looking for. Most of the terminology used beyond the initial setup wizard is in raw network terms and not ‘dummed down’ for casual home users. For instance: instead of setting the time manually or having the router get it from the computer doing the administration, SnapGear asks that you configure the router to retrieve the current date and time from an NTP Time Server. This is technically the most accurate and stable way of accomplishing this task, but most folks don’t know what an NTP time server is. Translted: This router is for advanced users looking for the best configuration options.

There are some advanced features that the SnapGear routers have that nobody else can touch In its price range. Here are is a quick summary of SOME of those features

Not only does this router have IPSec VPN support, it has PPTP support too!

The IPSec support is exactly like everyone else’s (a goof thing) and supports up to 10 simultaneous IPSec tunnels with a maximum encrypted throughput of about 500kbps. The throughput is comparable to most other home broadband routers with VPN.

The PPTP support is not unique in the industry, but it is a rare and welcome addition. By setting your router up as a PPTP server, anyone on the Internet can use the VPN software built into Microsoft Windows to connect to your network – providing you have set them up with a login and password. Not having to load extra software on your VPN clients is a definite plus. The built in PPTP client allows your router to ‘call’ Microsoft PPTP VPN networks on the Internet.

 This very advanced feature lets you prioritize services that use your Internet connection. As fast as broadband connections are, they can still be totally saturated and made unusable by doing simple file uploads. Traffic shaping can flag an upload as a low priority and allow web surfing and email checking to go on unhindered.

If traffic shaping were used, FTP’s could be set to a low priority. When other family members try to web surf or check email, their traffic is prioritized by the router over Johnny’s FTP traffic. COOL STUFF!

For those inclined, the router does traffic shaping according to rules you set up in the router or it can pay attention to priority information contained within the IP traffic itself.

Of course the firewall has SPI – stateful packet inspection. It defends against Denial of service attacks etc etc just like most modern routers. Above and beyond that, the router has Anti-Intrusion features.

Background: Hacking 101 When hackers are looking for systems to compromise, they start scanning IP ports on many IP address. They scan IP ports looking for computers that have unmonitored services running. When they find a service running, they then know a firewall is probably not in place and the target is a good candidate for further exploration.

The SpapGear routers let you set up services for hackers to find. When someone tries to connect to these services, the hackers IP address is flagged as ‘trouble’ and is no longer listened to! There are FEW legitimate uses of doing port scanning and none are legitimate on the Internet. The SnapGear lets you say, “Hey, you looked at me funny so I am not going to listen to you”

As soon as you connect to the routers configuration screen and see the penguin, you know this router has Linux at it’s heart. The box is basically a well set up Linux router that does not need a hard drive, that takes very little power, and is only about 7inches by 5 inches – sweet but it does not stop there. If you like to tweak things manually, the router allows you to modify all of the major Linux config. Files right through the web interface! I am not a Linux expert, but it would seem to me that a knowledgeable person could configure this box to just about every network routing and firewall function a full Linux computer can do.

This has got to be my favorite router so far because of it’s amazing configuration options and intense number of advanced features. How can you go wrong with two kinds of VPN’s built in, traffic shaping, and a good firewall. Well worth the money. HOWEVER, beginner and even casual but well meaning intermediate users should keep in mind that this is an ADVANCED level router. Guru’s can rejoice and beginners should look elsewhere.

 

Review of the SnapGear Lite+ VPN ROuter