Router with Hardware VPN recommendations?

[nintenjo]

Id like to set my router to give access wide VPN client (via Nord or Express VPN or similar). However my currentr Asus DSL-AC88U does not seem to support hardware encyrption so it has to be done on the CPU and of course its not really up to it so manages not much more than about 30~50mbps maxed out.

This router is pretty old and i imagine they have come on a long way since it was new, as such im looking for a device that capable of about 20 simultanous connections with about a max throughput of about 300/50mbps U/D with VPN encryption enabled. I know the type of encryption etc will effect performance so would be interested to know if anyone else if using such a setup on a domestic router? Any recommendations?

 

[nintenjo]

Are you using OpenVPN? Does the Asus have an option to use Wireguard instead? What about merlin firmware?

Yes it has OpenVPN this is what I used to connect to express VPN to test it .. which had the low throughput I listed above. No wireguard option, and I don’t think the router is Merlin compatible as it’s an DSL model I don’t think custom firmwares are compatible?

 

[nintenjo]

No idea about whether it's Merlin compatible or not, I wouldn't touch any Asus networking equipment with a bargepole.

You need a Wireguard or Tailscale compatible router, OpenVPN is really slow.

Any recommendations?

 

[nintenjo]

min 4 ports, 1gbps LAN is fine, Wifi 6 min. Router / Firewall combo is ideal (less power inputs) but if i can get just the VPN as a hardware Accesspoint thats a nice option too then i can use my existing router? Budget id say is about £150 - 200 ish my last router was about £280 which was so overpriced for what it was but i needed the DSL function which added a huge cost overhead.

 

[nintenjo]

GL.INet MT-6000 *snip*

This looks pretty much perfect, thank you. Never heard of the brand so ill do a bit of research but looks ideal.

 

[nintenjo]

I thought they were reverting to a earlier OWRT build now and then bringing the old drivers over going forward or at least that's what I thought the last announcement said?

Op, i'm not sure you quite understand what you're suggesting, routing *everything* via VPN is going to increase you not being able to access certain sites, potentially impact streaming services (both good and bad) and result in online purchases potentially getting flagged as suspect. It's far better to do this either Policy Based Routing/client or even VLAN on the devices you actually want to do this on rather than *everything*. I have had orders declined (hosting), been asked for verification (online services), paypal who normally let me do all sorts of questionable things without any verification suddenly withdrew certain payment options and wanted to verify I had the funds before making any payments. Literally each time coming off VPN and doing the same thing on an open connection resulted in it working (apart from cases where they had flagged things for further verification). Proceed with caution.

Ok that’s sound advise I appreciate it.. maybe there are better solutions.. for example can I have my server on a (software) client VPN but have all my LAN traffic still access the server on any port ? Plus then have certain external traffic access it via fixed ports? (It’s a silly question as I know you can, but I guess the question is more is it easy to do using a solution like Nord / Express VPN client) .. although I know this is off topic.

 

[nintenjo]

Just check that you’re happy with the 2.4GHz WiFi situation because once you move off the default firmware it can get a bit flakey depending on your exact use-case but for most users it’s absolutely fine.

Yeah I saw this, not ideal as I use 2.4ghz for all my home automation type devices.