"Good WiFi, poor router and firewall"1.5 starson by rcarrjr
Pros: Good WiFi signal strength and speed.
Cons: Lack of options and configurations for firewall and router. Buggy DoS implementation. Questionable choices with regards to security
Summary: I chose the Belkin Pre-N WiFi router and firewall based on reading reviews and recommendations. After getting it home I have run into a number of problems with the unit.
1) Wired Setup – Isn’t this supposed to be a wireless unit? Belkin seems to require that you have a computer wired to the unit to set it up. This is a huge hindrance for folks who are upgrading from a previous wireless solution and have become dependant on the fact that there are no wired connections to their router. When I set up my DLink I never had to break out the wires. Simply connect the unit to the modem (ok, one wire), turn on, use a wireless computer to connect to the default SSID, open a browser to the default management page (usually http://192.168.1.1) and viola!
2) Unsecured Status Page - if someone is able to compromise your wireless network, they instantly have access to a wealth of information about your private network. IP addresses, DNS settings, hardware being used, firmware version, W A N IP. It's all information that could possibly be figured out anyway, but Belkin just gives it away...why make it easier for the hackers? Make them work for it.
3) The WiFi/Router/Firewall management pages seem geared toward novices - Which is all good and fine but it has no truly advanced section where power users can fine tune and tweak the settings. There are few configurable options.
4) Lack of fine tuning and configuration – There is a lack of ability to fine tune the firewall for your personal needs. The only options you have are port forwarding/virtual servers, client IP filtering, DMZ, Dynamic DNS and W A N Ping Blocking. They don’t have any ability to handle configurable options for Block W A N Request, Multicast Pass Through, PPTP Pass Through, Filter Internet NAT Redirection, Filter IDENT(port 113), Port Triggering, Dynamic routing (RIP1 or RIP2), or static routing. While the router does have a Universal Plug n Play (UPnP) and IPSec Pass Through options it does not let you configure those options. Nor does it give you any facility to configure your Secure Packet Inspection (S P I) filters.
5) WiFi SSID and channel are on a different page from WiFi security ensuring that if you are administering your router from a wireless connection it will require multiple changes on both the router and your wireless client. For example, save SSID name change on router, then save SSID setting for you pc, and reconnect to the router. Then change WEP key for router, then change WEP key for pc and reconnect to the router. It just makes maintenance that much more difficult. DLink got it right with the DI-624M where settings that need to be in synch on both clients and the router are all on one page and can be changed in one shot.
6) My ISP, Verizon Avenue (vzavenue.com or .net), uses the "Dynamic" connection type as configured on the Belkin router. The connection type has no configurable options like Maximum Transmission Unit (MTU)
7) the Denial of Service (DoS) protection of the firewall is configured improperly for my ISP (I guess) and causes any downloads greater than 4 or 5 megabytes to stall permanently. It logs the block in the security log. This is a problem Belkin has seen in a few of it's products.
8) The security log is far too sparse giving only the date, event and the IP address. At least give us the port on which the offence occurred and perhaps the type of offence rather than just "Denial of Service" (that’s a pretty broad thing)
9) When on your internal network (behind your firewall) and trying to access your internet facing web server using one of the two or more virtual domains, you will only get the management site for the router. This makes internal testing for websites with virtual domains much more difficult. Linksys handles this in a much better way, by bringing up the management site only when the internal LAN IP address is used. If the external W A N IP (or any domain name registered to it) is used the router treats it as if it is a request coming from outside the firewall and forwards you to the appropriate service. Further, with Belkin, if you want to remotely manage your router/firewall you have no option for what port the management site will use.
When choosing this router understand that while the range and speed of the WiFi are quite good, the firewall and routing services leave a lot to be desired. I would not recommend this unit to a power user.Updated
Point 1) Belkin does infact let you perform a wireless setup if you so desire. Just connect to the bekin ssid and be sure to connect to http://192.168.2.1 for the routers management pages. I'm not sure why this didn't work for me the first time I tried it.
Point 7) After closing inbound ports on the router, the security seemed to stop reporting Denial of Service protections. So the S P I filters may not have been the issue. However the problem remains that I cannot reliably download any files larger than 1 megabyte or so. Multiple retries have sometimes yielded success, but in the end it's was just not reliable.
Blekin tech support has suggested I exchange the product and try a new one.