With the Linksys LRT224 Dual WAN Business Gigabit VPN Router, you’ll get a lot of the same features you get with the LRT214. The LRT224 also offers load balancing, which makes it different from the LRT223. Both are easy to mount in a network closet or on a desktop, making them great choices for small to midsize businesses (SMBs) in offices. Besides the lack of a dedicated demilitarized zone (DMZ) port, the LRT224 differs from the LRT214 only slightly. However, that is still a negligible difference. Even with its low MSRP of $229.99, the LRT224 is a great router with a lot of useful features (keeping it competitive with other SMB-focused, dual-WAN routers).
Design and Installation
Compact and solid, the LRT224 offers excellent value for money. In addition to power, LAN, and WAN ports, there are LEDs located on the top. LAN ports are located on the back, along with one WAN port and a DMZ and WAN2 port shared by each. I was disappointed to see that users had to sacrifice their dedicated DMZ port in order to utilize load-balancing functionality. Despite having all documentation on the packaged disc, the QuickStart guide illustrates the setup process beautifully. However, it feels like the same router as the LRT214.
In theory, DHCP on the WAN network should make the router immediately usable after powering up. Getting to the management interface should be no problem at all, too. It runs on the standard HTTP port of 192.168.1.1 by default. As soon as you log in to the web console, there is an easy-to-use Setup wizard that guides you through setting up the WAN connection, local network subnet, DNS, and DHCP. A five-minute setup takes place from start to finish.
Compared with Linksys’ consumer-grade UI, this layout is considerably improved. System Status can be found on the Administration page, and it provides a good overview. You have immediate access to a variety of useful information, including port statuses and active VPN tunnels. Configuration, Maintenance, and Support tabs make up the rest of the management UI. Setup occurs mainly in the Configuration tab, with troubleshooting occurring mainly in the Maintenance tab. Since it only provided links to the Linksys support website, the Support tab was slightly disappointing. Although Linksys doesn’t offer offline support in some cases, the company’s support website has a wealth of information.
Network Configuration Features
Compared to the LRT214, the LRT224 provides the same basic range of options for configuring a network. The types of WAN connections include Static IPs, DHCP, L2TP, PPPoE, PPTP, and Transparent Bridge modes. A static IP address or dedicated line (for the app, or security reasons) may be the best option for companies who are not able to take advantage of standard business-class internet services from a major provider using DHCP.
It also offers powerful and more advanced network configuration options such as one-to-one network address translation (NAT), tagged virtual LANs (VLANs), and dual-stack configurations, which are useful for companies that are gradually transitioning to IPv6 from IPv4. A user-friendly interface and sensible layout make each configuration screen approachable to new users.
There are several configuration options available for the second WAN port on the LRT224. Simple failover setups are also available, but these are more complex than load balancing or sticky ports. The load balancing appears to work during testing, though only on an equal basis. Many routers allow you to switch between round-robin algorithms, which might not be an issue for most users.
Firewall and VPN Configuration
On a midrange-to-enterprise router, the firewall section includes a powerful access rule editor. Access rules for inbound and outbound traffic can be created easily. Although the router does not offer the ability to create custom objects such as IP ranges, it does allow the creation of services. Users will be able to establish tight network control through this tool.
The LRT224 provides VPN support. IKE, PPTP, and OpenVPN configurations are fully supported. There are 45 standard VPN tunnels supported by the system. Installation is straightforward. There is a simple user interface and everything is well labeled. Understanding VPN configuration is essential, but you can easily find what you need.
A VPN tunnel can only be set up on this version of the router up to 45 times. Regardless of how arbitrary this number seems, users of SOHO routers would have a difficult time reaching this number. The Linksys EasyLink router supports up to five VPN tunnels, just like other LRT routers. Although they have limited access to their LRT routers, this simplifies VPN setup to a great extent.
When a standard IPSec tunnel is configured with SHA1 and AES-256 encryption, the speed can range from approximately 62 to 67 Mbps. I opted for the highest level of security available, regardless of the Linksys datasheet’s claim of 110 Mbps. An unencrypted transfer protocol such as MD5 could easily realize the claimed throughput if a lower encryption level was chosen. Compared to other routers of its class, the LRT generally performs at comparable levels.
Security and Content Filtering
Also included are a number of useful security features, including stateful packet inspection, denial of service prevention, and blocking of Java, cookies, ActiveX, and similar code. Although it lacks the intrusion detection capabilities of more expensive routers, it does support LAN segmentation. With the content filter included, it is possible to block domains and pages that contain specified keywords. Nevertheless, keyword blocking is very limited since the traffic from search engines is usually encrypted anyway; it only helps with unencrypted traffic.
In addition, the encryption keys and passwords are enforced to have a minimum level of complexity. Although it can be turned off, it does go a long way to add an extra layer of security.
Despite its good logging features, the LRT is not perfect. The main problem is that event and message types cannot be searched for. Having this feature on a VPN router is a must since anyone who has configured a VPN knows that the appropriate error messages to look at are key to ensuring proper connectivity. It would have been nice, however, if the router itself could be set to set this kind of filter, rather than having to email logs.
Any load-balancing router implementer will find this router a competitive option. However, compromising the DMZ port for the second WAN port is a bit disappointing, but otherwise, everything is available for a simple load-balancing setup. An entry-level router of the LRT class offers a straightforward interface as well as features usually found on premium routers.
|User interface (UI) that is clean and easy to use.||Logs are not searchable.|
|Easy-to-manage VPN tunnels.||To use WAN2, we must sacrifice the DMZ port.|
|Management of networks and firewalls.||Lack of offline support.|
Featuring the same features of the Linksys LRT214 and with the added bonus of load balancing, the Linksys LRT224 is the big brother to the LRT214. In order to make room for the second WAN port, the DMZ was sacrificed; otherwise, it has everything you need for basic load-balancing.