This router shines in the wireless department as it offers a wealth of unexpected features. The router can act as an access point (AP), a client or a bridged client, or function in Ad Hoc mode. General security is tops as you can select WEP or WPA/WPA2 encryption and use the Personal or Enterprise option where the latter requires a RADIUS server for external authentication. You can also activate SSID masking, use RADIUS alone and allow both 802.11b and g clients to have access. MAC filtering also enables you to tighten things up further by creating either allow or deny lists of client addresses.
New in v24 are virtual interfaces making the router extremely versatile as you can create multiple SSIDs each with their own encryption scheme. There's also an option to enable support for Buffalo's AOSS (AirStation One-touch Secure System) which streamlines setting up the best wireless security with clients equipped with Buffalo wireless PC Cards. Wireless hotspot capabilities also make DD-WRT stand out from the crowd and on the Buffalo router are designed to work with Sputnik and WiFiDog authentication servers.
Standard security is handled by an SPI firewall which includes the usual mix of options to filter proxy servers, ActiveX controls and Java apps. Policies are used to implement access restrictions to selected lists of client systems and can be active for selected days and time periods. You can block all P2P apps or selected services as well and DD-WRT provides an extensive selection to choose from. Web access features are unimpressive as all you can do is create a list of up to nine URLs and six keywords where access is to be blocked.
Quality of service (QoS) options are most interesting as these are used to prioritise traffic for particular services. You can choose from a wide selection of predefined services or create your own and apply one of five priorities to each one to control WAN usage. There's more as priorities can be applied to IP address ranges, specific devices defined by their MAC address and even to individual ports on the router. Port and port range forwarding are on the menu and the DMZ option allows one internal IP address to sidestep the firewall for full exposure to the Internet. The router even offers a WoL (wake on LAN) daemon which can be used to automatically or manually wake up selected LAN clients that have a compliant network adapter.
This DD-WRT equipped router is a worthy choice for professionals and enthusiasts that don't mind getting their hands dirty. It offer a superb level of features and although documentation for most of them is non-existent there is a flourishing user community offering a wealth of inside information on its inner workings.