3Com OfficeConnect Wireless Cable/DSL Gateway

By Brien M. Posey

January 16, 2003

The 3Com OfficeConnect Wireless Cable/DSL Gateway is an adequate product for home or small office use, but skip it if you already have a network or if you're looking for high download speeds.

Model Number: 3CWE51196 ($177)

The 3Com 3CRWE51196 Wireless Cable/DSL Gateway is a standard Internet connection sharing router with a wireless access point. Although it lacks some of the speed and advanced features typically found in similar products, it still does a nice job.

Pros:

  • Nice configuration wizard
  • Automatically detects and connects to the Internet when possible

Cons:

  • Hard coded subnet mask
  • Finicky with DNS settings
  • Only 32 wireless users at a time

SETUP/INSTALLATION

Setting the OfficeConnect Gateway up involved attaching it to my DSL modem and primary switch via RJ-45 Ethernet cables. Like so many other Internet connection sharing devices, the unit uses the 192.168.x.x address range. I simply configured one of my PCs to act as a DHCP client, opened Internet Explorer, and entered the unit's IP address to configure it.

The biggest problem I had with the configuration wizard was when I was asked for my LAN IP address. Although the unit will accept any IP address, it has a drop down list containing seven subnet masks that you must choose from. All of these subnet masks were designed for class C IP address ranges. My network uses a class B IP address, and I was unable to find a suitable subnet mask on the list. I had to temporarily reconfigure my network to use class C addresses. In a lab this is no big deal, but if I had purchased this unit I would have returned it rather than reconfigure my entire network.

Shortly before completing the wizard, the OfficeConnect tried to automatically detect my Internet connection. My DSL connection uses PPPoE, so it was unable to connect without my password, but the very next question asked for my PPPoE information. After entering the data, it automatically established a connection.

However, try as I might, I was unable to access a single Web site. While entering the addresses of DNS servers is supposedly optional, I went ahead and manually entered them. The Internet connection then began to work. Of course, my DNS server also had to be reconfigured to use a class C IP address so that the 3Com unit could communicate with it.

PERFORMANCE

I went to http://www.dslreports.com/stest during off-peak hours and ran the speed test. In the area where I live, my ISP only offers DSL speeds of up to 384 Kbps (upload and download). The DSL Reports speed test reported an upload speed of 142 Kbps and a download speed of 318 Kbps. The download speed is much lower than I have seen on any other routers that I've tested.

ACCESS CONTROL

The device's primary access control mechanism aside from password protection, is something called PC Privileges, found on the Firewall screen. It allows you to grant or deny permission to access the Internet based on a PC's IP address. You can limit a specific PC to Internet access for a specific service such as E-mail, Web, FTP, or NNTP. You can even permit or block access to all ports except for a series of ports that you specify. Although the interface does allow you to open and close individual ports, the feature is cumbersome to use.

One potential problem: The access control mechanism is based on IP address rather than MAC address. This is fine in an environment that uses static IP addresses, but as a DHCP server does it really make sense to control access based on addresses that could change tomorrow? The unit allows you to permanently associate a PC with an IP address assigned by the DHCP server, but it seems like that this defeats the purpose.

SECURITY

Security features include VPN support and a firewall. While I found both of these features to be adequate for most home users, they did seem to be somewhat lacking. The unit supported PPTP and IPSec based VPNs, but not L2TP.

Likewise, the firewall was lacking some features, such as port forwarding or a screen allowing you to open or block ports on a global basis (though it does support triggered maps). The PC Privileges section I described earlier was the main mechanism for controlling the firewall.

I like the automatic hacker detection. The unit looks for specific patterns of activity which, if detected, are automatically blocked. The unit is capable of detecting denial of service attempts and other common attacks.

To test the unit's firewall's capabilities, I used the ShieldsUp utility found at http://grc.com. The firewall performed exactly as it was supposed to, with no obvious vulnerabilities. On most routers I've seen, port 113 is running in Stealth mode. On the OfficeConnect however, port 113 simply shows up as blocked. This is a security weakness, although not a serious one, because if a hacker were to perform port scans on port 113 for a block of IP addresses, they would be able to tell that a PC does exist at your address.

PERFORMANCE

I tested the unit's wireless throughput by using NetIQ's Qcheck to measure the throughput between a Sony laptop with a wireless Linksys card and a PC on the wired network. During these tests, the wireless network was configured to use 128 bit WEP encryption.

In the same room from a distance of about 10 feet from the access point, throughput was about 4.7Mbps, and 4.2Mbps further away on the same floor. Even in a room filled with lots of metal ductwork and other objects that tend to interfere with a signal, the throughput was about 3.9Mbps. Outdoors at 100 feet away from the access point things dropped to 1.8Mbps.

SUMMARY

The 3Com OfficeConnect Wireless Cable/DSL Gateway is a decent product, but would be most appropriate in a home environment, since it's lacking some of the features typically found for small businesses. Anyone who's not looking for a lot of advanced features should be very happy with this unit and its performance. The unit is most appropriate for the novice who has never worked with a wireless access point before -- those with an existing network might want to leave it be so as not to reconfigure all systems from the ground up.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.