For those who have had a chance to look at my Virtual Private Network (VPN) articles and reviews covering tops VPNs like ExpressVPN, NordVPN and TorGuard I’m sure you may have noticed that my coverage of VPN use on routers has been spotty at best.
VPN usually come with a limited number of simultaneous connections, so if you can implement it on your router and cover multiple devices, why not, right? Unfortunately, as with everything that seems too good to be true in life, so does this theory.
While certainly not encouraging, there are routers that can handle VPNs slightly better than the average ones. Unfortunately, those are usually in the high-priced range, at least as far as consumer routers go.
There are two characteristics of routers that are built for VPNs that can keep in mind:
- Powerful processors
- Custom or modified firmware
Routers which were originally designed for low-latency gaming or high-bandwidth video streaming are good options, since they often feature very powerful processors.
Some VPNs also work with router manufacturers to pre-configure and tune select routers to run their VPN right out of the box. This however is not available worldwide and you may not find it where you are.
One last option is to opt for routers that have custom firmware such as DD-WRT.
Having said all of that, there are some routers out there are absolute monsters and if you’re looking to run a high-encryption VPN connection with them, you’ll be fine.
1. Netgear Nighthawk X10 AD7200
Looking like something out of Alien vs. Predator, the Nighthawk X10 is a 7.2Gbps-capable wireless router that has a monster 1.7GHz quad core processor. Coming with gigabit ethernet ports and dual USB 3.0 ports, the X10 can not only act as an Internet router but also stream HD media and support up to 20 devices.
Remember though, that despite its hefty price tag (A Nighthawk X10 will easily top $600, even on Amazon) – our main inspiration for looking at this router is its powerful processor. Again, the more powerful a processor your router has, the better it will be able to handle the demanding encryption that your VPN demands.
2. Linksys WRT3200ACM
Looking cool in blue is the Linksys WRT3200ACM wireless router that can handle almost anything with its 1.8GHz dual core processor. Many Linksys routers are easily configured using browser-based utilities and can be customized with Linux mods. I’ve tried running DD-WRT on a Linksys router before and it is powerful and stable.
What makes the Linksys WRT3200ACM doubly special is the company’s generosity in designing an interface that allows easy installation of custom firmware such as DD-WRT. Such firmware will often give you far more control over router features.
This router comes at a much more reasonable price tag compared to the X10. In fact, you can get it at less than half the price an X10 would typically cost, even with shipping thrown in. It has also frequently garnered top ratings from tech authorities such as PC Mag and Techspot.
3. ASUS RT-AC86U
Built to mirror it’s Republic of Gamers flagship product line, the ASUS RT-AC86U was designed to cater to gamers, one of the most finicky categories of consumers in the world. Its 1.8GHz dual core processor is built for speed and the router come ready for home networks with AiMesh technologies and built in protection from Trend Micro.
This model has been lauded by the big boys such as CNET and often labelled as one of the top all-round routers. Priced in the sub-$200 range, the ASUS RT-AC86U is both Linux-based and user-friendly.
Caution Before Buying
Although the three routers I’ve listed here are good and have been put through their paces by others seeking robust home networking solutions that include a VPN, they are not the only ones. There are many other routers which do just as well. I strongly recommend you take a look at FlashRouters to see what’s available.
To add to that, not ALL great routers play well with VPNs. A lot of this is also due to the native firmware loaded onto those routers.
For example, I had a TP-Link Archer C7 which is also quite a good and stable router. Unfortunately, their default firmware didn’t have a VPN option, so I couldn’t configure it without first re-flashing my firmware to an open source option that did.
Take this warning seriously
Not all routers will work out of the box with a VPN.
Although I re-flashed my Archer C7 to DD-WRT, this isn’t an option available to all router brands and models!
Encryption Takes Significant System Resources
The main reason most of us look towards VPN is to keep our Internet-related activities private. VPNs do this by helping us create a secure tunnel between our device and a secure server. It also encrypts the data that flows in that tunnel to keep it safe.
The encryption process is exactly the main thing that makes VPNs on Routers such a bad idea.
Most VPN users today opt for OpenVPN as it offers the best combination of security and speed that is available. It’s more secure than the much outdated PPTP, protocol and for the most part, faster than IPSec.
Unfortunately, developers have not yet made OpenVPN a scalable protocol. This means that it is very singular in nature, not being able to make use of multi-threaded processors. For example, if your computer or router claims to run a quad-core 1.5GHz processor, OpenVPN can only run a single core at that speed.
To put this into perspective, let’s look at 256-bit encryption.
256-bit encryption means that every single bot of data that comes out of your computer is encrypted with a ‘key’ that is made up of 256 binaries (1s or 0s). That’s why a PC or router needs significant processing power to handle the VPN encryption.
Routers are Much Less Powerful than PCs
Encryption takes up system resources since you’re basically using the computer to encode and decode raw data. Your average PC processor speed today ranges between 2.4GHz and 3.4Ghz and is equipped with between 4GB to 16GB of Random Access Memory (RAM).
On the other hand, the average consumer-grade router is equipped with anything between a 600MHz to 1GHz processor with 128MB to 256MB of memory.
Let me show you what I mean using my experience with the “ASUS RT-AC1300UHP Wireless Router”.
With the TorGuard VPN Client running on my Windows 10 laptop, I’m able to achieve close to my maximum ISP-allowed speed of 50Mbps.
Running the same protocol on my router, however, drops me down to between 13-15Mbps. Looking at the image below, you’ll notice that even to achieve this speed, one of my router’s processors is running at over 80% capacity.
Just to let you know that it’s not caused by TorGuard, I also ran the same test for ExpressVPN and NordVPN, which similarly gave me slow speeds over my router;
How To Set Up VPN on a router
The process itself of setting up a VPN on routers depends on the firmware of the router. However, it is a relatively painless process and usually takes just a few steps. Most VPN providers will have a step-by-step guide on how to do this.
To show you how easy the process is, let me show you how I set up ExpressVPN on my ASUS AC1300UHP.
Step 1: Choosing device for configuration
Once you sign up for ExpressVPN, you will be able to access a setup page where you can select the device you wish to configure for detailed instructions. In my case, I selected “ASUS (including Merlin)”. Merlin is a third-party firmware for ASUS routers, but the setup process works the same as with the standard ASUSWRT firmware.
After you’ve selected your router, I strongly recommend you choose to set up OpenVPN. OpenVPN offers the best combination of speed and security available.
Step 2: OpenVPN configuration
Once you click ‘Configure OpenVPN‘ you will be shown two boxes containing a username and password. Below that will be a few dropdown menus listing the major regions you can choose a VPN server location from. Select one and click on the configuration file you want. Save the .ovpn file to a location you can remember.
Step 3: Log in to router
Open you web browser and navigate to your router login page. For ASUS routers, this is usually 192.168.1.1. Once you log in to your router, on the left menu bar, click on ‘VPN’
Step 4: Add new profile
On the VPN page, select the ‘VPN Client’ tab then click ‘Add Profile’
Step 5: Uploading VPN file
Click ‘OpenVPN’ and fill in the fields. For ‘Description’ you can enter anything that will let you know what VPN connection this is for. Username and password are from Step #2 earlier. Then click ‘Choose File’ and select the .ovpn file you downloaded earlier and click ‘Upload’. Once that’s done click ‘OK’.
Step 6: Activation
Once you’re done, everything should be ready to go. Click on the ‘Activate’ button next to the account you’ve just setup and the connection should proceed. To verify that your VPN is working, make sure you carry out a DNS leak test.
Conclusion: Your Choice of Router is IMPORTANT
To round things off, let’s look at what you need to consider running a VPN on your router. First, a router that has a powerful processor (only look at single core speeds, multi-core is irrelevant for VPN). Second, one that can support VPNs. Alternatively, one that can be re-flashed to support a VPN.
One final word though – no matter that you do, it is extremely unlikely that a standard consumer-grade wireless router will give you fantastic speeds compared to a PC-based VPN client. There’s no rocket science here, it’s simple mathematics.
PC processors will (for now) always remain more powerful and be able to encrypt VPN traffic much faster than routers will. If you can live with that and want to run 20 devices through your router-based VPN, that’s fine though!