I finally got around to replacing my Apple Airport Extreme as my home router. Airports have a few nice features, such as nice seamless extension of a wireless network, and sharing of HFS-formatted hard drives. But as routers, they pretty much blow. You can't add static routes, and they don't have integrated VPN capabilities.
I selected a NetGear FVS318 v3 as a router, mostly because I had read some posts that many people had made it work with the IPSec VPN utility IPSecuritas. It pretty much worked out of the box: I set up the router normally (I have a fixed IP address at home), then followed the instructions built in to IPSecuritas for the 318 router.
I was careful to select an internal network scheme that is unlikely to collide with common schemes found at internet cafes and most companies. That is, my home network is *not* in 192.168.0.0/16 or 172.16.0.0/*, nor is it 10.0.0.0/24. There seems to be a way to configure IPSec to "reverse NAT" so that inbound remote connections masquerade as an address on the local network. I need to figure that one out.
Testing an IPSec VPN at home is a little tricky. Most people don't have an extra external IP address at home they can use as a test, so one would have to set things up and then test connecting to home from the office or a neighbor's house. But I have a Sprint EVDO USB, so I was able to connect with that.
The FVS318 also allowed me to add a static route so that my OpenVPN (which is running on my old Linux machine) will work as well, so I have two VPNs, in case there is an address conflict with the IPSec network.
