NexLand ISB Pro800 Turbo Router ReviewFormer staff writer - June 30, 2002
Closer Look (Continued)
This is a very nice feature for users that don't have a static IP. My WAN2 modem which is PPPoE has a dynamic IP address, which means every time I connect to the Internet I get a different IP address. If your running an FTP, Mail, or a web server than this can cause many problems. Nexland has included a "Dynamic DNS" feature that allows you to have a static hostname such as, overclockersclub.nexland.net through a service called TZO. When you get a new IP address, the Nexland router will automatically contact TZO and update your IP so your hostname is updated.
The "Routing" screen is for advance users, who have more than one router on their network. The Nexland ISB PRo800 Turbo supports RIP2 protocol. RIP2 allows the ISB to automatically re-direct packets to the correct router on your network. If you don't understand any of this, then you shouldn't touch anything on this screen :)
The "Host IP & Group" allows you to customize what user gets, what IP, and if you want that user to have Internet access through WAN 1 or WAN 2. This would be really good if you had one computer that was a web server and you wanted to make WAN 1 dedicated for the web server only. Another idea, is if you only have two computers on your network, then you could bind WAN 1 to one of the computers and WAN 2 to the other. Then both of the computers could have their own high-speed line. The router identifies the computers by the adapter address of their network card (this is also called the MAC address). In order to find out what your MAC address is, in windows 2k, XP use "ipconfig", in windows 98/me use "winipcfg", and in Linux use "ifconfig".
This screen is more for businesses wanting to limit what content is allowed in to their network. However, this could also be good if your a parent that has a computer and have a son or daughter that has his or her own computer. You could easily limit them access to only surf the web or use email only. I have finally found a feature that this router doesn't have. On my old Linksys router there was an option to choose "when" these filters were to be applied. Like, say you wanted to block web surfing during business hours, or late at night for the kids, it would. I really wish they would add this feature, to the ISB Pro800 Turbo.
After using a router/firewall for awhile, you will notice that a few applications and games may not run well or even at all, unless you open ports up on the router. By default the router blocks all inbound tcp and udp ports. If you need to open a specific port, or a range of ports, this is where you do that at. Notice "Test2" that I setup. This allows any inbound connections to port 23, and what ever service that runs on port 23 (usually telnet) will be able to send traffic back to client on ANY ports from 1-64443 since I specified that in the "Outgoing" field.
The "Virtual Servers" screen is a feature I always look for in a router. If a router doesn't have this feature, I don't give that router a second look. How does it work? Well, lets say I have a web server on machine, 192.168.1.99 and the domain name is, mydomain.com. If someone from the Internet tried going to mydomain.com then the router would just drop the packet because it doesn't know where to send it. That's where the Virtual Servers feature comes in to play. If I click on the box beside Web Server and then typed in the IP 192.168.1.99 (the machine that is running the web server) then the router would map any connection requests for port 80 (web server port) to 192.168.1.99. Therefore users from the Internet would now be able to access mydomain.com.
The "Virtual Servers" screen is a very nice feature, however it only has about a dozen pre-configured ports. If your running a gaming server or a server ports that isn't listed in the "Virtual Servers" screen, then you can manually enter in any port on the "Custom Virtual Servers" screen. I'm running a Half Life Death Match server on 192.168.1.5 and I would like users from the Internet to have access to it. I know that Half life servers run on port 27015 by default, so I entered it in as the TCP port, and since the game server is running on 192.168.1.5 I entered it in as the IP. Users will now be able to access the games server, thanks to the custom virtual servers feature.
The DMZ feature can be very good, and it also can be very bad, depending on how you look at it. If you set an ip like, 192.168.1.99 as the DMZ (demilitarized zone) then 192.168.1.99 will be no longer be 'behind' the routers firewall, therefore exposing 192.168.1.99 to the Internet. On the screen it says: This feature allows one (1) computer to have unrestricted 2-way communication with Internet servers or users. This is useful for hosting games or special servers/applications. Because of the security risk, this feature should be activated only when required. You should really never have to use this feature because you can use virtual servers to open ports to computers on your network.
Ah, last but certainly not least the "Expert" screen. This page has more of the advance features of the router. The first option on the screen is Load Balancing. This settings will tell the router what percentage of traffic to send to each WAN port. For example, if your WAN 2 port was a cable connection that was slower than your DSL connection on WAN 1, you could use this option to tell the router to send more traffic to WAN 1. I had to lookup the SMTP bind feature in the manual because honestly, I had no idea what this did. The manual states this: ?If you have Internet accounts from two separate ISPs connected simultaneously, you might have to make sure that your e-mail (SMTP protocol) only transmits on the WAN connection associated with your e-mail server. Otherwise, the server might reject the e-mail being sent from a different domain. You can choose WAN 1 or WAN 2. "None" (no binding) is the default.
Idle renew DHCP is an option you can specify how often the router will try to renew your DHCP Internet connections. I have left mine to "0" and all has been well. I love the MTU option on this router! This is the first router that I have had, that has this option. "A maximum transmission unit (MTU) is the largest size packet or frame, specified in octets (eight-bit bytes), that can be sent in a packet- or frame-based network such as the Internet. The Internet's Transmission Control Protocol uses the MTU to determine the maximum size of each packet in any transmission. Too large an MTU size may mean retransmissions if the packet encounters a router that can't handle that large a packet. Too small an MTU size means relatively more header overhead and more acknowledgements that have to be sent and handled." -Whatis The MTU size can be tweaked to make your Internet connection a little faster. Please see DSLReports.com for more information. You will notice from the picture, that you can set a different MTU size for each WAN port.
Allow Ident Port is fairly self explanatory. If you can't figure it out, by clicking enable, this will open port 113 (Ident). This is used by some FTP sites, IRC servers, and various other things. However by enabling it, it will no longer be stealth if that port is scanned. If you disable NAT it will turn your router in to a bridge or pure router. In order to disable NAT you will need to create entries manually in the routing table or be using RIP2 for communications.
You have two options for logging, debug and user mode. You really wouldn't want to turn on debug mode unless you wanted very detail logging such as port scans, ect.. Also leaving it on debug mode when the router is under extremely high load, can cause problems.
Main test system:
The first test I did was, testing to see what pings I could get while playing Half Life Death Match on an Internet server while uploading and while not uploading. During the test while I was uploading, I was uploading 3dMark2001SE to my web site.
24 Ping while not uploading
254 Ping while uploading (ouch)
I really did not understand this. When I connected to the Half life server, the router should of routed the connection to the WAN port with less load. I'm not really sure if it did or not, it appears it didn't from the looks of the ping.
To test the transfer rate, I sent an 258Mb ISO file to another computer on my network. The computer is about 100 feet a way, and computers have 10/100 Ethernet cards, running in Full Duplex mode.
Time Took: 30secs
File size: 258Mb
Knowing this, we can calculate this to, 8.6 megs per sec or 68.8 megabits per sec (router talk).
Here is the real test! Actual downloading off the Internet! As you can see from the picture, I was able to download two files and both at 151KB/sec!
151KB + 151KB = 302KB/sec equal to: 2416kb/sec (kilobits) and is also equal to: 2.4mbit/sec (megabits)
The Nexland ISB Pro800Turbo router is by far the most superior router that I have ever seen. With all of its splendor and beauty, there are still a few things I did not like. The router comes with 8 ports, when it should come with 16 ports because of the price. As I said earlier in the review: "On my old Linksys router there was an option to choose the time of when the access filters were to be applied. Like, say you wanted to block web surfing during business hours, or just late at night for the kids, then having this feature you could do just that. I would have liked to of seen this feature on the ISB Pro800 Turbo." While I was Internet surfing I could tell that the speed was increased by about 50-60%. While downloading two files, you could definitely see the load balancing feature kicking in!
Would I recommend this to a home user? Well, yes and no. There aren't many home users that will need this type of router. If your looking for better pings while playing games, stick with what you have. If your the type of person constantly downloading mp3s and other things then this might be right up your alley! If your a home user and are considering buying this router for two connections, I'd first recommend you call your ISP up and make sure you can get another broadband line in your house. They were very suspicious when I called them up, asking for a new phone line and DSL on that line :)
Would I recommend this to a business? Most definitely! With this router being able to host 253 connections, 10 included licenses of Symantec RaptorMobile VPN, secure firewall, backup feature, load balancing, speed, and the 5 year warranty, what more could a business want?
Don't forget that this router does cost $400 and is a lot of money for a home user, and maybe even a few businesses. However, I think it is worth it, if you fall in the categories I listed above.
We would like to thank NexLand.com for providing us this router to review! Thanks Mike!
- Easy setup
- Many configuration options
- Secure firewall
- Load balancing of two broadband connections
- Great documentation
- No timed access filters
- Only 8 LAN ports
Discuss this review in the forums