What you get for your money
Connecting the RT-N66U as an Ethernet Router
Connecting the RT-N66U as a Wireless Access Point
3G Backup Connectivity
Media Server Functionality
Guest Wireless Networks
Traffic Manager and Quality of Service (QoS)
Miscellaneous Router Options
The Asus RT-N66U has a slightly more memorable name in the form of the ‘Dark Knight’, which seems to be a nod to the black styling. The router is one of the new breed that offers high WAN to LAN throughputs, supports concurrent dual-band wireless networks (and importantly is WiFi certified, for a,b,g, and n networks), along with a long feature list of which some highlights are two USB ports for external hard drives, printer sharing, IPv6 support, QoS controls, iTunes server, 3G USB dongle connectivity, Samba file sharing, Dynamic DNS, USB charging for phones, download HTTP, bittorrent and NZB files to a USB disk without a computer. There is also the option to use the router as a pure wireless access point.
The desire for Ethernet WAN routers was until the last couple of years limited to cable broadband connections, but the rollout of GEA FTTC and FTTP where the VDSL2 modem or fibre ONT is supplied means many more people are looking for a router that can handle the fast connections.
The support for concurrent use of 2.4GHz and 5GHz networks, along with comprehensive media server support means the router is perfect for tablet owners, who do not have massive hard drives in their devices, and the Dark Knight even extends access of these files from the home network to protected access from the Internet.
The router utilises some GPL source code, in common with projects like Oleg/Tomato/DD-WRT/OpenWRT and with a Broadcom 4706 CPU running @ 600 MHz plus 256MB of RAM and 32MB of Flash Memory the router is ideal for those wanting to use DD-WRT firmware in place of the Asus developed firmware. The router even has a micro SDHC slot on board for internal storage expansion.
The RT-N66U retails for around £120 currently and comes with the following contents in its box.
While a CD is supplied, there is no need to use this, but it does provide a device discovery utility to help find out the routers IP address when using wireless access point mode. For a router which invites experimentation, there is a useful firmware restoration and a software based setup wizard. As is common with most router software it targets Microsoft Windows.
The level of consideration given to heat management is very apparent if you look at the full size circuit board picture, which reveals a large heatsink that stretches almost the width of the case.
The router has three detachable antenna and running through the ports from left to right we have:
The rear of the router can get very crowded when using all the available ports, and when plugging in USB devices be careful not to release the power button accidentally. Unusually the power supply for the RT-N66U has a bright blue LED in it, the amount of smoothing in the power supply is surprising, with the LED running for 30 seconds after switching off the mains.
The top of the router has 9 nine stealth LED’s which become very apparent once you plug in the power supply. The LED’s appear to be super bright blue, and if the router is located in any room where people are trying to sleep we can imagine people getting out some tape to cover them.
The easiest way to setup the router is to connect a computer using an Ethernet cable to one of the four LAN ports, but in its default mode the router does offer two wireless networks (2.4GHz and 5GHz) which are totally open. We would recommend once your basic configuration is complete to enable encryption on these wireless links.
The default IP address or the router is 192.168.1.1 and as soon as you open any web browser the router intercepts the web page request and re-directs you to the routers configuration wizard. If you find your computer is very slow to be redirected, we would suggest checking that no AV software or parental controls running on the computer are impeding things.
The next step in the wizard encourages you to alter the default router administrator password from the common default of admin. The username for the router login is fixed as admin. While blank passwords are not allowed, the interface does allow stupidly simple single character passwords, which is far from ideal.
We were using a simple DHCP Internet connection, which the router auto-detected. For those with an Openreach modem it should detect you require PPPoE authentication settings and prompt you to enter them.
To try and ensure people do not leave their wireless network open, the wizard invites you to set security keys for both wireless networks the router runs. The observant may notice a browser rendering issue, which otherwise spoils a very slick looking web interface.
The summary page after configuration summarises the settings you have made. We have blanked out our wireless security keys.
With configuration complete we now have access to the routers main web page, which lets us see for the first time the range of configuration options available to us.
While we have not covered them, the other connection options for the router, in addition to the automatic IP for the routers WAN interface, are PPPoE, PPTP, L2TP and static IP.
The PPPoE settings that UK users will generally have to set are the username and password, which should have been supplied by your broadband provider. The MTU and MRU can be adjusted if you want. MAC cloning is supported, so for those whose provider issues the IP address based on a registered MAC address there is the option to enter a custom MAC address.
Configuring the router as a wireless access point may seem an usual step with such a powerful router, but you retain the functionality in terms of media server. So we can see a good many people using the router in this mode, particularly if on an ADSL or ADSL2+ connection which is already terminated in a combined modem/router unit.
Unlike hacking an access point as with many other routers, the RT-N66U access point mode allows you to keep the parent connection connected to the WAN Ethernet port, leaving you with a four port LAN switch. Many devices simply disable the DHCP server and require you to connect to a LAN port switch.
To switch into Access Point (AP) mode, click the Administration link under Advanced Settings, and do pay heed to the warning that the router will NOT have its standard IP address after switching to this mode. The IP address should in the same range as the parent router after this, for Windows users where the parent router does not easily list every device’s IP address there is the Asus Device Discovery software (the utilities are included on the supplied CD or can be downloaded from the Asus Website Router Support Section).
If you are happy doing so, when configuring access point mode you can set the LAN IP address of the RT-N66U manually.
Once the changes to the router are complete, we recommend renewing your computers IP address so that it will refresh its IP address. The web interface of the router is much simpler once in Access Point mode, as the various port forwarding and other NAT functionality have been removed.
3G backup connectivity is an interesting addition to a router, and integration into your home network will be welcomed by some. There is one downside and that would be the cost of the data during any fall over to 3G, particularly as the RT-N66U handles this seamlessly, and if in a good 3G coverage area, someone accessing the Internet via the router may not be aware of the switch to a costly connection.
Configuring the 3G is simply a case of plugging in your USB dongle, and then clicking the 3G/WiMax button.
There are settings pre-configured for 3, O2, Vodafone and Orange, but do check that the settings agree with what you would usually use with the specific dongle.
There is very little in the way of feedback on how the connection is working. The system log is the only place to check if for some reason the 3G does not connect. So do check your dongle works with the router before that time when you are in a panic and trying to get it to work.
Utilising the USB connectivity is very simply, just plug your USB storage device into one of the USB ports and the RT-N66U will mount the device, and report that it is connected via the routers network map.
If you do go to the extent (and invalidate your warranty) of opening the routers case to use the microS DHC slot on the circuit board you should be aware that while the storage card is accessible just like any other storage device, it does not appear on the network map page.
The default option on the router is to make any storage available via the share \\RT-N66U. To change how the files on the connected device are shared, change the settings in the Servers Center.
AiDisk – Internet Access to Files
With home broadband connections now starting to offer faster upstream speeds, there are more and more people storing their media on a home server, and the RT-N66U offers you the option of making files available from the Internet side of the router.
AiDisk is essentially a fancy name for making the files available via FTP. The router guides you through the process, making the process as simple as possible. You can grant three levels of access:
The different levels of access control who can read and write to the storage via the Internet. Obviously if letting people have write access, you will want to ensure a good password is used.
The middle step no matter what sort of access rights you decide on handles how people will access your FTP server. For people with a static IP address skipping the Asus DDNS option is a good idea, but for the majority who have a dynamic IP address registering the router to use a dynamic DNS service would be a good idea. The dynamic DNS needs to be configured before enabling the Ai Disk and the following dynamic DNS services are supported:
If using the router in a double NAT mode (i.e. behind another NAT router) or in access point mode, then you will also need to setup port forwarding on this other router if you want the FTP server visible from the Internet.
The FTP Share configuration allows you to assign more complex folder permissions, allowing you to assign folders to individual login accounts, and restrict read/write permissions.
The server center providers the central point for configuring access to data on the attached USB devices. By default the DLNA Media Server is enabled, which means media will be visible to a wide variety of devices.
The iTunes server, if enabled, will allow you to point an installation of iTunes to a folder on a device attached to the router, and thus make available your iTunes library to your iPad or iPhone without having to have the main computer switched on.
The Samba Share is designed to allow access to file shares from Linux, OS X and Windows. By default, connected storage is available over the share, but you can enable account based access, meaning people accessing the network share need to provide a username and password.
The Miscellaneous settings tab lets you change the device name, so you can make the files available via something more meaningful than \\RT-N66U.
Network Printer Server
Sharing a USB printer can prove to be very useful on a home network, as then any computer can print from anywhere in the home. The RT-N66U supports two ways to share the printer, Asus own EZ printer sharing software or the LPR protocol. The router simply points you at the Windows software, or an online FAQ to help you configure the printer sharing.
This option allows you to use the RT-N66U as a download client for a variety of network protocols, including HTTP, FTP, torrent files, NZB newsgroup files and ed2K.
To install the client software to an attached storage device, click its icon. The router will proceed to check the disk and install the Download Master client software. Once the install is successful you can use the client.
The general settings section allows you to configure the folder files will be downloaded to, and whether to start queued downloads immediately or schedule them for some other time, for example if your ISP has unmetered overnight bandwidth you can queue several GB for download overnight.
The Bit Torrent client is configurable to allow you to limit how much of your Internet connections download and upload bandwidth to utilise, and by default has encryption enabled. Downloading NZB files requires you to configure the USENET Server to use, and supports authentication for use with premium newsgroup services. aMule is another peer to peer client system, and is a version of eMule.
To add a file to the queue, simple click the Add button and enter the HTTP or FTP link for the file, or browse to where you have the torrent or NZB file to start the download.
You can queue up files and individually pause them or pause everything in the queue. The transfer rate is expressed in Kilo Bytes per second (KBps), which is the same units as the Traffic Monitor. The use of KBps is the equivalent of what browsers report for downloads which is KB/sec , access speeds for a broadband connection are normally quoted in Kbps (Kilo bits per second), with their being eight bits in every Byte.
Your broadband router is generally the one device you leave switched on overnight, and as the RT- N66U is fan less it is also silent, so will not annoy with fan noise as it downloads data to storage. By using a large USB key or micro SDHC card you can even avoid the small level of noise from a hard drive. Once a file download has completed, it remains in the list so you can positively check the download completed.
Associating all your own devices with a wireless network in your home is easy enough, and the advent of simple WPS authentication has helped a lot, but that is not always the full story. Very often small businesses want to offer visitors access to the Internet, but do not want to pass out their own wireless security key because it would expose their company Intranet. Of course the expensive solution to this problem is to create a separate network for these guests, and the RT-N66U with its support for up to 6 guest networks makes the job even easier.
The six networks are split equally between 2.4GHz and 5GHz networks, and can be configured to provide both encrypted and unencrypted access. The guest networks can be configured as an open network, or with WEP encryption to protect the user’s wireless traffic.
The access time starts counting down as soon as you configure a guest network, which means if you configure the network to have 15 minutes of access, 15 minutes after configuring the network it will cease to be visible. This means that you cannot use the guest networks for a permanently configured otspot, but that you need to configure it just before anyone wants to connect. There is the option to have limitless time, and leave the guest option open permanently of course.
One aspect of the guest access that we would like to see changed, is that you can still access the routers web interface in guest mode, making your choice of router admin password very important.
While traffic management may be less of a concern to users with 100 Mbps and faster links, those with slower connections may find that the QoS options in the router are very useful in a household where everyone seems to own two or three devices that connect to the Internet. In homes where the broadband connection is a below average 5 or 6 Mbps, QoS functionality is even more important if you don’t want a Netflix stream to interfere with online gaming.
At its simplest level the QoS is a simple on switch, and then entering your upload and download bandwidths. You need to get these figures correctly, and they are expressed in Kilo bits per second (Kb/s) or Mega bits per second (Mb/s). If you enter a too low a figure for your connection your total throughput will be limited. Once the connections speed is configured the router will automatically manage traffic to prioritise online gaming traffic and web traffic against services like peer to peer (BitTorrent).
The user defined QoS looks a lot more complex, but for people with 15 or 20 devices connected to their network it is worth investigating. Particularly as you can with careful configuration ensure that a video call using FaceTime is not impacted by a large game patch suddenly downloaded across the PlayStation network.
The QoS operates around five priority levels, and only limits a particular protocol/port if the connection is being heavily utilised.
Virtual Server / Port Forwarding
Port forwarding is needed if you want to host a service running behind a NAT router and have Internet based devices accessing the service. The RT-N66U follows a tried and tested formula of having some pre-configured services simply requiring you to select the computer that is running the actual service.
Using one of the pre-configured services is just a case of picking it from the two lists. Selecting the servers LAN IP address (you normally assign a static LAN IP address to a device running a service, or rely on address reservation in the DHCP server). Set the local port for the service and click the + symbol to add the rule. Don’t forget to click the APPLY button, as the new rule is not active until then.
The router gives a warning about the router using port 80 for its interface, but this does not stop you forwarding port 80 to a local server unless you have enabled remote access to this port so you can configure the router remotely. Similarly for the TCP ports 20 and 21, these are not available for forwarding if running the FTP server in the router and it is visible across the Internet.
While you can normally configure port forwarding to allow most server type software to be accessed across the Internet, there are sometimes software such as games that do not co-operate with NAT and port forwarding. This is where DMZ comes into play, as it allows you to forward all traffic to a single device, of course doing this exposes the computer to the Internet and the constituent risks. Therefore only use DMZ if you are aware of the risks, and have adequate firewall protection running on the device you expose.
VPN servers are generally more a feature of business level routers and the presence of one on the RT-N66U reflects the positioning of the router as a device suitable for all those from small businesses to Internet Geeks.
The advantage to connecting to the LAN side of a router via a VPN is that you are then operating as if on the LAN physically, and thus have access to file repositories, making it very easy for remote workers to upload large data sets.
The VPN server offers a basic PPTP service, with MS-CHAP v1 and v2 authentication and can support a maximum of 10 clients connected at a single time. A useful guide to setting up the client PPTP VPN connections is provided on the Asus website which also includes a matrix showing how the various server options translate into settings for Microsoft Windows and OSX.
In addition to the basic protection offered by NAT, which automatically drops unsolicited incoming connections, the router offers a fairly standard firewall package.
If you are going to try and use the thinkbroadband Broadband Quality Monitor service, you will have to set Respond Ping Request from WAN to Yes, otherwise the router will not respond to ICMP pings.
For those who believe their connection is under attack, there is a logging option where you can choose to log dropped or accepted packets. Logging of accepted packets can be a useful way of debugging connectivity to services exposed via Port Forwarding.
Enabling the Web Access from WAN should only be done if you require access to the routers web interface over the Internet, but be aware that you are very much relying on the strength of the routers admin password to stop people reconfiguring it, e.g. setting up a VPN server so they can then access computers on your LAN. Also enabling this option will mean that port 80 is unavailable for port forwarding.
While the parental controls side of the router is sparse, the URL Filter tab allows you to build a list of blocked domain names, and as this does wildcard matching you can easily block all parts of a website, including subdomains. Unfortunately the wildcard matching does not extend to the Top Level Domain (TLD) which would have allowed users to block all .xxx websites if they wished.
The Network Services Filter is more powerful, and is intended to allow you to block (black list) or allow out from your network (white list) certain traffic types. The filtering can be enabled for a period of time each day, and applied to specific devices, so for example if you want to restrict access to basic web access for a teenagers tablet you can configure this.
Dynamic DNS Services
DynDNS is perhaps the best known service, but Asus run their own service which Asus router users get access to. You simply need to select a unique name which is pre-pended to the domain name asuscomm.com.
The advantage is that for those router users on a service where the Internet facing IP address is dynamic, the built in DDNS client will contact the name service when a new IP address is detected and re-register itself. With all the remote access functionality of the RT-N66U this is a very useful option.
The router is seriously impressive when looking at WAN to LAN throughput, we used our usual testing setup, and were able to download at a rate of 678 Mbps to a client on the LAN side of the RT-N66U and the upload was measured at 506 Mbps. The download speed of 678 Mbps is very close to the rate of 700 Mbps at which we can pass data between the two Gigabit enabled computers when they are connected to the same switch.
We did initially think the router was performing very badly, but remembered we have been experimenting with the QoS controls and had limited the router to a 64 Mbps download and 700 Kbps upload, turning off QoS quickly fixed that. This gotcha is one to watch out for if you upgrade to a faster broadband package after you configure the router. For those in shared households, the ability of QoS to limit the WAN throughput means you could segment your network by inserting an RT-N66U and limit those behind the router to perhaps 50% of your network traffic.
We enabled 40 MHz channel widths for the wireless testing to squeeze as much speed as possible out of the router. The testing was carried out with two servers, one connected via Ethernet to the routers WAN port, and the other using wireless. The results are the result of a 60 second test, so represent the ability for the device to sustain the speed.
|Top floor (same room as router)||2.4GHz||Download 113 Mbps
Upload 59 Mbps
|1st Floor||2.4GHz||Download 23 Mbps
Upload 44 Mbps
|Ground floor||2.4GHz||Download 17 Mbps
Upload 45 Mbps
|Conservatory||2.4GHz||Download 7.7 Mbps
Upload 10.6 Mbps
|Shed||2.4GHz||Download 7.7 Mbps
Upload 10.6 Mbps
|Top floor (same room as router)||5GHz||Download 140 Mbps
Upload 90 Mbps
|1st Floor||5GHz||Download 65 Mbps
Upload 92 Mbps
|Ground floor||5GHz||Download 105 Mbps
Upload 60 Mbps
The lack of signal in the conservatory and shed are pretty standard for 5GHz wireless, which seems happy to pass through floor boards, but does not like solid brick walls very well. The fact that the 5GHz was faster on the ground floor when further away from the router, compared to the middle floor was unusual, we were able to reproduce this and it may simply be down to the multiple antenna of the RT-N66U and how reflections can sometimes help wireless.
We tested the USB systems read/write performance by using a large (1 GigaByte) file and timing the operations. We have included the speeds reading and writing to the same device when connected to a PC.
|File copy to USB stick connected to RT-N66U||26 Mbps (Mega bits per second)|
|File read from USB stick connected to RT-N66U||91 Mbps|
|File copy to USB connected to PC||33 Mbps|
|File read from USB stick connected to PC||125 Mbps|
|File copy to USB 2 HDD connected to RT-N66U||126 Mbps|
|File read from USB 2 HDD connected to RT-N66U||85 Mbps|
|File copy to USB 2 HDD connected to PC||240 Mbps|
|File read from USB 2 HDD connected to PC||235 Mbps|
|File read from routers WAN FTP server (USB HDD)||103 Mbps|
|File copy to routers WAN FTP server (USB HDD)||59.4 Mbps|
The USB system on the RT-N66U seems pretty fast, but the difference between using a USB stick and a USB 2.0 hard drive reveals how important the choice of storage media is when using the RT-N66U as a media server.
The RT-N66U is expensive for an Ethernet router at £100 to £120, but if you have a very fast broadband connection it makes no sense to cut corners and restrict your Internet access speed due to the choice of your broadband router. The ability to run both 2.4GHz and 5GHz networks at the same time also means that you can avoid the increasing amount of WiFi congestion on the more common 2.4GHz band.
Where the RT-N66U shows its real value is if you intend to utilise its media server capabilities and have DNLA compatible devices hooked up to your entertainment system. The router is not as fully featured as a full home server PC, but its attraction is in providing a relatively low power permanently on device that fulfils the basic requirements. The fact you can flash the router with DD- WRT firmware, combined with plentiful memory and a fast processor also make the device ideal for the true router enthusiast.
If there was a wish list we could submit to Asus for the router, top of the list would be an option to dim the LED’s considerably; shorter periods of time after applying a setting (you often have to wait 10 to 15 seconds for a progress indicator to complete); more meaningful parental controls; better feedback from the 3G modem option; and the ability to hide the routers web interface from guest wireless networks.
Router hardware has come on leaps and bounds, and is clearly getting ready for the task of handling Gigabit Internet connections into the home. The results of our performance testing show that Ethernet is still the king with regards to getting very fast connections around the home and that the actual bottlenecks for connections of 300 Mbps and faster may not be the broadband link or router, but the ability for the remote server to generate the data and local hardware to write the data to storage devices.
Please click on an image to see it in full resolution.