Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Wi-Fi Router Charts

Click for Wi-Fi Router Charts

Mesh System Charts

Click for Wi-Fi Mesh System Charts

VPN Performance

To measure VPN throughput on the FVS, I used two PCs running 64-bit Windows with software firewalls disabled. Using TotuSoft's LAN Speed Test client and server application, with a file size of 100 MB, I measured throughput over Site to Site and Client to Site IPsec, SSL, L2TP, and PPTP tunnels. Table 2 shows the throughput results.

Tunnel Type Client > Gateway Gateway > Client
IPsec Site-to-Site 45.6 43.9
IPsec Client-to-Site 44.1 35.9
SSL 8.0 9.9
PPTP 6.5 6.6
L2TP 13.0 11.6
Table 2: NETGEAR FVS336G-300 VPN throughput (Mbps)

IPsec VPN throughput on the FVS336Gv3 is significantly improved over the original FVS336G. On the original FVS336G, I measured peak IPsec Client > Gateway throughput at 16.9 Mbps. On the new FVS336Gv3, the same test yielded 44.1 Mbps.

The FVS336Gv3's SSL throughput was actually a bit lower than the V1's. On the V1, I measured peak SSL throughput at 11.4 Mbps. On the new V3, I measured peak SSL throughput at 9.9 Mbps.

Note that NETGEAR rates the FVS336Gv3 as capable of 78 Mbps for IPsec throughput and 14 Mbps for SSL throughput. Most manufacturers use a UDP based test to rate throughput on their devices. The TotuSoft test uses TCP based testing. UDP has lower overhead than TCP, which is the likely explanation for the difference between my measurements and NETGEAR's ratings.


The FVS336Gv3 SPI firewall configurations look similar to the original, with a few additions. Rules can be created to filter IPv4 and IPv6 traffic between the WAN and LAN based on Service; Schedule; LAN IP addresses, IP address ranges, or groups; WAN IP addresses or IP address ranges; QoS profiles and Bandwidth profiles. In addition, firewall rules can be created to filter traffic between the DMZ port and the WAN, as well as between the DMZ port and the LAN.

External WAN Attack prevention methods include blocking pings to the WAN port, blocking TCP and UDP floods and Stealth mode, which blocks port scans on the WAN ports. Session limits can also be applied in the firewall, limiting the number of sessions or percentage of total sessions that can be established by a single device on the network. Other firewall features include source MAC address filtering and Port Triggering.

Content Filtering on the FVS336Gv3 is the same rudimentary keyword blocking found on the original model. Per the FVS336Gv3's help menu, "Up to 64 key words in the site's name (web site URL, newsgroup name, etc.) can be specified, which will cause the access to the site be blocked." Keyword blocking can be over-ridden by creating Trusted Domains. I set up a simple keyword block to filter on the word "sports." Browsing to resulted in the below page, similar to the original FVS336G.

Keyword Blocking

Keyword Blocking

Finally, the FVS336Gv3 firewall has the option to enable/disable a SIP ALG (Application Layer Gateway). NETGEAR's specification sheet lists their SIP ALG as compatible with VoIP devices from Linksys, SNOM, Cisco, X-Lite, D-Link, Grandstream, Polycom, Siemens, and Aastra.

Routing Performance

Updated 2/25/16 - Router performance retest due to measurement process error

We tested router performance using our standard test method. Table 3 compares the original FVS336G to the V3.

Test Description FVS336G-300 FVS336G
WAN - LAN 800 Mbps 59 Mbps
LAN - WAN 766 Mbps 58 Mbps
Total Simultaneous 918 Mbps 56 Mbps
Maximum Simultaneous Connections 23,478 200
Firmware Version 4.3.3-5 2.2.0-67
Table 3: Routing throughput

The FVS336Gv3's performance improvement over the original model is huge! The newer model's unidirectional throughput is at least 700 Mbps faster than the previous model, as shown in the plot below. The variation shown is typical of what we see on most of today's routers.

Unidirectional Throughput

Unidirectional Throughput
Simultaneous up/downlink router throughput is shown in the plot below. We measured simultaneous throughput on the FVS336Gv3 at 918 Mbps, a massive increase over the original FVS336G's 56.3 Mbps.

Bidirectional Throughput

Bidirectional Throughput

Closing Thoughts

Table 4 compares NETGEAR's FVS336Gv3 to two other Dual WAN VPN routers I've reviewed, the Linksys LRT224 and Cisco's RV320.

Test Description FVS336G-300 Linksys LRT224 Cisco RV320
WAN - LAN 800 Mbps 797 Mbps 887 Mbps
LAN - WAN 766 Mbps 721 Mbps 746 Mbps
Total Simultaneous 918 Mbps 805 Mbps 832 Mbps
Maximum Simultaneous Connections 23,478 30,467 32,249
Price $230 $174 $168
Table 4: VPN Router comparison

The NETGEAR comes in as the most expensive of the three at $230 ( From a feature standpoint, all three routers are similar, with multiple WAN ports, Gigabit LAN ports and support for IPsec, PPTP, and SSL VPN tunnels. From a router performance standpoint, all three routers are close on WAN-LAN and LAN-WAN throughput.

The FVS336Gv3 differentiates itself by adding L2TP VPNs to the mix, and clearly leading the other two routers on Total Simultaneous throughput. In addition, while all three routers offer a limited lifetime warranty, NETGEAR goes one step further and offers Next Business Day Replacement in the event of device failure.

Overall, the FVS336Gv3 is certainly a performance upgrade over the older FVS336G. I think the reliance on Windows'Virtual Passage SSL adapter holds the FVS336Gv3 back a bit, compared to other SSL VPN solutions, such as Open VPN. On the whole, though, the FVS336G-300 is a fast and highly configurable Dual WAN VPN Router.

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Don't Miss These

  • 1
  • 2