Netgear ProSafe VPN not ready for SSL VPN

I purchased a Netgear ProSafe VPN Firewall FVS336G in December 2008. I was mostly interested in its dual-WAN and SSL VPN capabilities. In regards to the SSL VPN feature, I remain disappointed and do not recommend purchasing a FVS336G.

Dual-WAN

The dual-WAN feature works okay for a small business. Basically when WAN1 fails (which requires at least two minutes of no Internet), WAN2 kicks in. Aside from suffering a two-minute outage, this works.

SSL VPN

The SSL VPN feature, however, has never worked. In six months, I’ve made 20 support phone calls and have waited for and installed three separate firmware updates (currently using version 3.0.5-24). Still, I’m unable to establish an SSL VPN connection that doesn’t involve lowering browser security settings, accepting invalid certificates, or even rolling the date on a computer back to 2008.

Netgear’s biggest and most recent folly was that it failed to renew the SSL Certificate they use to sign both the Java and ActiveX clients that are temporarily installed when establishing an SSL VPN session — shown here:

Netgear using an expired certificate

Their certificate expired on 05/08/09. Without a working certificate, browsers rightfully balk at the thought of installing software from an untrusted and unauthenticated source.

I’m sure it was just an oversight, but it’s another thorn in my side. I’ve put forth a lot of effort getting a working SSL VPN connection with this device that is easy for people to use. So far, SSL VPN remains a feature that is marketed for the product but not delivered.

In short, avoid purchasing a Netgear ProSafe VPN Firewall FVS336G if you expect to use their SSL VPN features.