Updated 9/6/2011: Win 7 SSL VPN test update
|At a Glance|
|Product||Cisco Wireless Network Security Firewall (RV 220W)|
|Summary||Small-biz dual-band N router with 10/100/1000 ports and SSL, IPsec and PPTP VPN|
|Pros||• SSL, IPsec, PPTP VPN
• > 700 Mbps routing throughput
• Gigabit ports with jumbo frames
• Dual band N radio
• IPv6 support
|Cons||• Undistinguished wireless performance
• Slow reboots
• A few odd menu organization choices
The RV220W is a step up from the previously-reviewed Cisco RV120W. Both routers are recent additions to Cisco's Small Business RV router series. The RV220W and RV120W are very similar in look and feature set, yet there are a few key differences. The focus of this review is to cover those key differences between the RV220W and RV120W.
Cisco has positioned the RV220W differently than the RV120W, emphasizing the “high performance” of the RV220W vs. the “cost-effectiveness” of the RV120W. As you'll see, the Cisco RV220W has greater throughput, faster interfaces, more VPN options, and more security features than the RV120W.
The RV220W and RV120W share the same classic gray and black business color scheme as well as general shape. Both devices have a black panel on the front displaying the indicator lights for power, WAN, wireless and status of the 4 LAN ports. The RV220W adds indicator lights for diagnostic mode, DMZ, as well as indicators displaying the connection speed (10/100/1000) for devices connected to the LAN ports.
In back of the RV220W are the WAN and LAN ports, as well as a recessed reset button, power connector, and the power switch, shown in Figure 1. Both the RV220W and RV120W use an external power wart that are slightly different in shape, but appear to be interchangeable based on ratings and connector size. Note that the dual-band dipole antennas are attached via RP-SMA connectors so can be upgraded.
Figure 1: RV 220W rear view
The RV220W is physically bigger at 8.7”W x 6.7”D x 1.7”H compared to 5.9”W x 5.9”D x 1.3”H for the RV120W. The RV220W is more robust and heavier, with a metal case compared to the plastic case on the RV120W. This bigger metal case allows for better airflow over the components and better cooling. Like the RV120W, the RV220W does not have a cooling fan, allowing it to run silently.
Inside the metal case of the RV220W are the mainboard and components, shown in Figure 2. Components includes a Cavium CN5010 CPU and Broadcom BCM53115 10/100/1000 switch under the heatsinks in the photo, as well as 128 MB of RAM and 32 MB of flash. Wireless connectivity on the RV220W is based on a Broadcom BCM4322 802.11n radio on a mini-PCI module.
Figure 2: RV 220W board
Note that the RV220W's Cavium CN5010 chip is clocked at 400 MHz, while the RV120W's runs at 300 MHz.
Cisco lists the RV220W along with other routers in the RV model line, which includes the RV120W, RV082, RV042, RV016, RVL200, RVS4000, WRV210, and WRVS4400N. You can compare the features of each of these devices with Cisco's feature comparison tool. For convenience, I've also included a summary of the RV220W features below.
- DHCP, Static, PPPoE, PPTP, L2TP
- Built-in Dynamic DNS clients for TZO and DynDNS
- Static and dynamic routing (RIPv1, RIPv2)
- Spanning Tree Protocol (STP)
- Port-based and 802.1q tag-based VLANs (up to 16), inter-VLAN routing
- Port Address Translation (PAT). Network Address Port Translation (NAPT), NAT traversal, one-to-one NAT
- Session Initiation Protocol Application Layer Gateway (SIP ALG)
- IPv6: Dual-stack IPv4 and IPv6, 6-to-4, Stateless address auto-configuration, DHCP v6, Internet Control Message Protocol (ICMP) v6
- Firewall: Network edge (DMZ), Stateful packet inspection (SPI) firewall, firewall rules, MAC-based access control, IP/MAC binding, wireless profiles
- Security: Static URL blocking, keyword blocking, approved URL, Optional Cisco ProtectLink Web cloud-based security service, HTTPS, username/password, X.509 v3 certificates, Port-based RADIUS authentication (Extensible Authentication Protocol [EAP] MD5, Protected EAP [PEAP]), X.509 v3 certificates, certificate upload using PEM format
- VPN: 25 IPsec site-to-site tunnels, 25 QuickVPN tunnels for remote client access, 5 SSL VPN tunnels, 10 PPTP tunnels
- Encryption: Data Encryption Standard (DES), Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) encryption (128, 192, 256-bit)
- Authentication: MD5/SHA1 authentication
- QoS: 802.1p port-based priority on LAN port, application-based priority on WAN port, 4 queues
- Management protocols: Web browser, Simple Network Management Protocol (SNMP) version 1, 2c, 3, Bonjour, Universal Plug and Play (UPnP), Simple Network Time Protocol (SNTP)
- Event logging: Local, syslog, email alerts, packet captures
- Upgradability: Firmware upgradable through web browser, imported/exported configuration in text format
- Wireless 802.11 b/g/a/n – up to 64 active WLAN clients, supports multiple SSIDs - up to 4 separate virtual networks with separate wireless profiles, supports SSID to VLAN mapping with wireless client isolation
- WMM: Wireless multimedia with QoS (802.1e)
- Wireless Distribution System (WDS): Allows wireless signals to be repeated by up to 4 compatible repeaters
IPv6 fans will note that, like the RV 120W, the 220W must be switched between IPv4 and IPv6 modes. See the RV 120W review for more IPv6 info.
Related Items:New To The Charts: Cisco RV042 Dual WAN VPN Router
Cisco Adds Small-Biz Switches, VPN Router, More
Cisco RV180 VPN Router Reviewed
NETGEAR FVS318N ProSafe Wireless-N 8-port Gigabit VPN Firewall Reviewe
Cisco RV042 v3 Dual WAN VPN Router Reviewed
User reviewsView all user reviews
Average user rating from: 10 user(s)
NOTE! Please post product reviews from actual experience only.
Questions, review comments and opinions about products not based on actual use will not be published.
|User Rating [Back to Top]||Overall:||3.0||Features :||3.0||Performance :||3.1||Reliability :||3.0|
Sadly I have to I admit I lost my time and money with this router
August 27, 2013
Report this review
I'd like to share the issues I had with this router - it might help other prospective buyers to decide.
I bought this router in 2011 in order to replace my old DLink, hoping that a "small business router" will perform better ...
I've updated with latest firmware (latest version is 220.127.116.11, released more than one year ago).
The main issue with its web pages is the slowness. Big slowness on access / change anything in these Web pages. Any change applied is followed by a waiting period (seconds) in order to succeed.
A side effect of this is the "automatic refresh". This happens when displaying the "status / dashboard" pages. The automatic refresh happens every 9 seconds or so and it is not configurable. So I was looking to a page full of information, trying to quickly read as much as I could in those 9 seconds interval (because during refresh time the page content is removed). Very frustrating. Imaging you are reading a Web page which is removed every 9 seconds, with a gap of 5 seconds when you see a progress bar. Who is the User Interface / System Analyst which designed this UI ?
I tryed to encourage myself saying that not all the day the user is using the router Web pages, what is the most important is how this device handles its tasks in the network.
But here, Cisco grossly disappointed me.
Several times each day this router was doing a re-boot. The time was pretty random. You can imagine all users in my LAN having the network access cut (WAN and LAN). Everybody was looking at me - I am the "SysAdmin" for that network.
The next step for me was to look on Internet to see if I am the only one with this issue.
I tried to Google "RV220W re-boot" and I saw that I am not alone. A lot of places where people complained about this.
This is an example you may want to read:
https://supportforums.cisco.com/thread/2195130 (Title: RV220W rebooting at random intervals).
There is no resolution for this issue at this moment.
All kind of workarounds are proposed on forums, such as:
- downgrade to the oldest firmware 18.104.22.168 (what a shame, Cisco!)
- disable some firewall settings in "Firewall/Attack prevention/LAN (Local Network) Security Checks" ( disable Block UDP, disable "Block Fragmented Packets") - I did all of these with no effect
(Cisco claims that the re-boot is a legitimate action router takes to block an attack from WAN, so we need to lower the firewall security to avoid reboot!)
Looking on their Web site I learned that
to get support for Cisco you have to purchase a service contract !
The last straw was when I tried to create a thread on Cisco support forums (the only place where I could hope for free support - I am not a business, just a private user with its home computer(s)). The signup process was very slow when I submitted the form data (what kind of Web servers + software is running there - I had to wait seconds and seconds for the form submit to succeed?)
After I finally created the user, and activated it using the received E-mail, I was unable to login.
The message was:
Your login was unsuccessful for one of the following reasons:
•You entered your user ID and/or password incorrectly. Please try again.
•You recently registered or reset your password and our systems are updating your information. Please try again in 5 minutes.
The coolest advice was "... our systems are updating your information. Please try again in 5 minutes"! He he he...
I can assure you I tried again and again 5 minutes after 5 minutes with the same result. Even now, days after registration, the same "... our systems are updating your information" is displayed.
Anybody can try to create an user name and see on its own.
- random reboot multiple times a day
- slow Web UI + annoying refresh - usability irritation
- miserable non-paid support (basically non usable)
I wasted so much time and energy until I had to acknowledge that I lost my two hundred and something I paid for this piece of hardware. I have to put is in the correct place: the e-waste recycle bin.
For me Cisco looks like a big corporate with chaos inside, but no danger for loss since it sells a lot for enterprise systems (Cisco phones etc.). So the "home user" has no significant place in this picture.
VPN assymetric speed
April 18, 2013
Report this review
Some days ago I got two RV220W devices to test VPN perfomance and got the strange results. I built site to site VPN , IPSec preshared key.
A) AES 256/SHA512/DH Group 1536 Incoming speed Mbit/s 17,07 Outgoing-34,14
B) AES 256/SHA1/DH Group 1024 Incoming speed Mbit/s 33,83 Outgoing 77,66
C) AES 128/SHA1/DH Group 1024 Incoming speed Mbit/s 34.69 Outgoing 78,00
I did not expect to see assymetric speed.
Suppose Cisco knows why? :)
I would not recommend this router
April 10, 2013
Report this review
Usin the latest firmware atm (22.214.171.124) the router seems fairly stable to me..
However, I would really not recommend this router to anyone..
Looking at the firmware change log, the firmware still contains many bugs..
The VPN functionality is close to impossible setting up (I have not managed to do so for now)..
Cisco has not provided any VPN client for Mac OS X users, and the IPsec VPN is not compatible with iPhone/iPad (which was the main reason why i bought this router)..
If you do not need VPN functionality, you should definitely not buy this router..
If you really need VPN functionality that badly, you should definitely go for a more professional solution..
I chose this router because of the Cisco brand.. However, it looks like they have ditched their Small Business series..
Lacking in Development of good firmware
August 27, 2012
Report this review
TBH this router could have been great except for allowing Team F1 to develop the firmware for this device.
Frequent Random Reboots
DHCP Server slow at times.
WebGUI Very Laggy.
SSLVPN issues on RV220W
February 02, 2012
Report this review
I have spent a lot of time trying to configure this device on my own and with CISCO tech support. My case was eventually escalated level 3 (i think).
When accessing https://WAN_IP/portal/sslvpn portal, text fields were grayed out and login button was disabled.
Solution: We eventually figure out that URL is CASE SENSITIVE
You must use https://WAN_IP/portal/SSLVPN for it to work properly.
I am using Windows 7 x64 OS and no matter what I tried I I continuously received the message "Error Virtual Passage Installation Failed!" I built numerous virtual machines and confirmed that Virtual Passage driver works on WIndows XP and WIndows 7 x86, but NOT on x64.
Here is a final response from CISCO tech:
This is a valid issue that has been root caused. The SSL VPN driver file (.sys file) has a self signed Cisco signature but it should have Microsoft signature to get around the below Windows error.
This will be fixed for the upcoming MR2 release. We are investigating whether a work around to the below installation issue is available with the current firmware.
(Firmware Version: 126.96.36.199).