In testing out some inexpensive VPN routers to connect to a Barracuda NG firewall over IPSEC, I have some suggestions for the TL-R600VPN appliance:

1> Allow for overlap in local and remote IP ranges, such as: Local = 192.168.50.0/24 and remote as 192.168.0.0/16    Many other brands allow this and seem to exclude local ranges in the background.  It greatly simplifies VPN setup.

2> In my environment, I have several subnets covered by the 192.168.0.0/16 range.  Because this doesn't allow overlap, I had to create individual tunnels for each subnet range like 192.168.10.0/24, 192.168.20.0/24, 192.168.30.0/24 and so on.  With the current interface, you have to set all the parameters exactly the same way for a common local/remote gateway pair or the screen will give an error and not allow a save.  That is EXTREMELY time consuming and error prone to do when you have dozens of subnets to deal with.  Instead, why not just allow additional local/remote subnet ranges under the same tunnel definition without having to deal with all the extra settings?  Ubiquity is a good example of one that works like this.

Although I've run into some other minor issues, those would go a long way toward making this a better product.  Thanks for your consideration.