The second problem was a little trickier, however.  The WAN port on my NS-5XT was only 10Mbit/s.   While I was using cable and DSL connectivity for Internet access, this was no issue, because those connections were all in the 2-6Mbit/sec range.   My FiOS connectivity, however, is a rather robust 25/5 (25 Mbit/sec DOWN and 5Mbit/sec UP).


This has proven to be more frustrating than one would think for a home network.

So began my search for a replacement device that would give me all of the functionality that I had before, but be up to the task of my current bandwidth.  I looked at current Juniper Netscreen devices, and even at the Fortigate firewalls from Fortinet (my new favorite enterprise FW company).  The problem was cost.  I really didn’t feel like paying $200+ for a good firewall.

Enter DD-WRT.  Now, you can take an otherwise standard broadband router that has enough flash and operating memory, and turn it into a much better piece of equipment.  After a fair amount of research, I selected the Netgear WNR-3500L and turned it into a beast.

Some of the best features derived from the upgrade include:

  • Multiple SSIDs with their own security configuration
  • Support for SNMP and 802.1x authentication
  • Support for VPN (although only SSL, not IPSec)
  • QoS (although, not quite as straightforward as with the Netscreen)
  • Support for a NAS (not using today)
  • Extremely flexible routing, including the ability to route of WLAN off my LAN
  • VLAN support
  • Gigabit uplinks

imageNow, my uploads and downloads are positively screaming.  I’m routinely getting 25-30 Mbit/sec down, and 5-8 Mbit/sec up.  No more throttled download because of a functional and well-featured firewall that was getting long in the tooth.

Overall, I am very happy with my new firewall and its robust feature set by way of DD-WRT. And it only cost me US$80 plus a few hours to get all the configuration completed.

