network gurus need help on picking out firewall/router

P

pal251

Getting comfortable
Mar 15, 2014
1,012
133
I need/want a new router for my home network. Currently have a netgear AC router that I have to reboot all the time. Have not had good luck with Netgear lately. I have 3 Engenius AC access points that I picked up in my travels that I can use with a wired router if needed.

Been looking at the Ubiquiti Edgerouter 3, Edgerouter-x, edgerouter 4 or the USG. Kind of been leaning towards the USG because I may get a ubiquiti access point later on, that way everything will work nicely togther and appears to be easier to run. I only have a 76mb internet right now and highest I can get is 250 which wont happen any time soon.

What do you think?
 
I have a Unifi system (with a USG 3) and really like it. For WiFi, I think my previous Apple Airports had stronger signals... my WiFi went further into the yard, but I’m more satisfied overall with Unifi. The extra visibility into the network has been helpful the few times I’ve run into problems.

121D9B31-412A-4CC4-BDA2-76409BEFFB2D.jpeg

46EBA4BD-6FD8-46A3-9C32-B651C7ED222F.png
 
  • Like
Reactions: keneil01
I have been using the Synology RT2600AC for well over a year now. Very easy to set up OpenVPN on as well as other VPN access protocols. One thing I like about Synology is the regular updates to firmware that fix security issues or add new features. The latest allowed mesh networking using the new MR2200AC they just recently released. I have this and the mesh capability is great, with 1 SSID for the whole house and yard.

Synology also has Intrusion Prevention and Safe Access packages that really help to identify problem devices, hackers, etc. that actually work. And, the Firewall is very configurable. Their forum is very nice, too.
 
  • Like
Reactions: cyberwolf_uk
weigle2 said:
I have been using the Synology RT2600AC for well over a year now. Very easy to set up OpenVPN on as well as other VPN access protocols. One thing I like about Synology is the regular updates to firmware that fix security issues or add new features. The latest allowed mesh networking using the new MR2200AC they just recently released. I have this and the mesh capability is great, with 1 SSID for the whole house and yard.

Synology also has Intrusion Prevention and Safe Access packages that really help to identify problem devices, hackers, etc. that actually work. And, the Firewall is very configurable. Their forum is very nice, too.
Click to expand...

+1 on the RT2600AC.... I own quite a lot of Synology kit and also have the RT2600AC and once you install "Threat Prevention" you will be surprised by the amount of attacks are trying to access your network from the outside world and also devices on your next network are trying to dial out. It's not just cameras and NVR's you need to block, it's everything ;) Now where's my tin hat.
 
Any of the ASUS routers. It takes less than 15 minutes to set up openVPN. It also supports mac address parental controls which allow you to block all cameras from the internet.

The router choice depends a lot of your skill level and your interest level. If you are a techy then as long as it supports openVPN without additional software you are good to good.
My RT-AC68U has been running for more than 3 years, but is it hooked up to a UPS.
 
  • Like
Reactions: Valiant
pal251 said:
I need/want a new router for my home network. Currently have a netgear AC router that I have to reboot all the time. Have not had good luck with Netgear lately. I have 3 Engenius AC access points that I picked up in my travels that I can use with a wired router if needed.

Been looking at the Ubiquiti Edgerouter 3, Edgerouter-x, edgerouter 4 or the USG. Kind of been leaning towards the USG because I may get a ubiquiti access point later on, that way everything will work nicely togther and appears to be easier to run. I only have a 76mb internet right now and highest I can get is 250 which wont happen any time soon.

What do you think?
Click to expand...

I started years ago with my ASUS RT-AC87U, like @SouthernYankee writes: Allrounder with tons of capabilities, expert functions (certainly when loading the Rmerlin firmware). But if you want to go "hardcore", with vlans and stuff, you'll run into "limitations", like my AC87U: it uses two different chipsets (for "maximum bandwidth" excuse, but the Debian underneath couldn't handle vlans properly anymore). Long story short: I still use the ASUS as "main" router for my internal (v)LAN, with guest wifi and other nice things! But my core router functions are now running on a single ER-X: it can do ANYTHING you want, this little box is very powerfull: openVPN, Vlans, firewalling, etcetc. Pricewise 1/4th of the ASUS, but worth every penny. If you have already some Ubiquity gear, do investigate the management software compatibility: not everything is "user"friendly.

Hope this helps!
CC
 
I've used some of their older loco m2 and m5s. They are a bit difficult but usable with some learning .

I will do vpn down the road along with maybe a plan. Probably nothing more. Some days I have about 20 devices on my wired and wireless network , so not as many as some people. Not all being activly being used at once either.

I'm leaning towards the edferedger x for the sheer amount of reviews, I don't think I'll use the deep packer inspection and such on the usg.
 
pal251 said:
I've used some of their older loco m2 and m5s. They are a bit difficult but usable with some learning .

I will do vpn down the road along with maybe a plan. Probably nothing more. Some days I have about 20 devices on my wired and wireless network , so not as many as some people. Not all being activly being used at once either.

I'm leaning towards the edferedger x for the sheer amount of reviews, I don't think I'll use the deep packer inspection and such on the usg.
Click to expand...

I got good news for you, my ER-X does have DPI :-) Have a look at EdgeRouter - Deep Packet Inspection Engine for EdgeRouter
 
How hard was it to set up. I've watched some reviews of the Synology and it looks nice especially since I can get rid of my paid Dropbox account with it.
 
pal251 said:
How hard was it to set up. I've watched some reviews of the Synology and it looks nice especially since I can get rid of my paid Dropbox account with it.
Click to expand...

I played with these things couple of years ago, then it was very difficult. Today, when powering it up, it offers a couple of templates (flat network, dual ISP WAN failover, dual VLAN etc) - in the manual those are described very well and you pick the one matching your network layout and off you go. Off course, stuff like firewalling you need to do yourself, but tons of tutorials are readily available.
There might just be one "difficult" thing to grasp, that's the naming convention (but for your records, I posted thé most important diagram on Ubiquity Firewalling rules here:
MtCgEFt.png

The OpenVPN server does *not* have a GUI interface (yet?), but key generation and config creation is like 10 linux commands, not that difficult either.

But I need to be honest, I do have stone-age CCNA/CCNP certificates.

Hope this helps!
CC
 
Damn choices choices. It appears the Synology is on sale too. Tho I missed it being 150 a few days ago but I can't wait much longer .

I like the simple built in Nas since I can't justify a full Nas right now.
 
pal251 said:
Damn choices choices. It appears the Synology is on sale too. Tho I missed it being 150 a few days ago but I can't wait much longer .

I like the simple built in Nas since I can't justify a full Nas right now.
Click to expand...

I personally do not like the idea to have my "NAS" capabilities on my internet (edge)router. My NAS is tucked away in a vlan, with from WAN side 2 firewalls to bypass. You'll have the ER-X for 54$? Then you save a bit more for a "real" NAS :-) Back in the days, I used an old mediaplayer (WDTV) as "VPN server", kinda crazy to have this "hybrid" setups with idiot-proof consequences: when it "hung" during video playback, my wife simply rebooted it, but I couldn't connect to the LAN anymore...

Good luck with the choices in life ;-)
CC
 
  • Like
Reactions: keneil01 and aristobrat
Hmmmmm


Would you suggest the usg for ease of use? Only two or three systems at once will be used heavily if at all. Mostly just my desktop/Xbox and wife's PC. All others are smart devices or tvs
 
Last edited:
I bought one of these Cisco RV320's two years ago. Best home router I have owned. https://amzn.to/2KKtZZR

You can really config this thing to do anything. Even share that load if you have DSL and Cable ISP's.. -Bill
 
As an Amazon Associate IPCamTalk earns from qualifying purchases.
Don't have dual wan here. Probably never will do to the prices. I already pay 70 a month just for 75 mb down and 10 up . With no other services
 
Okay,

I went with the USG, AC-UAP LR and aan outdoor mesh ac uap. I cant think of the name of it.

So far everything has been working great for a couple weeks and I've been thinking of getting the cloud controller if I can pick one up for reasonable price.
 
  • Like
Reactions: Nolesfan and keneil01
I am using a Linksys LRT214 VPN router as the first thing off the cable modem. I have it configured for OpenVPN and acting as the DHCP server for rest of the network.

Past that I am using a Netgear Nighthawk R7000 router as an AP and for additional switch ports.
 
I would suggest the Asus route for simplicity.. I have used Asus routers for the past 10 years, before making the move to Ubiquiti. I love the Unifi gear and the capabilities, but it does have a learning curve to get used to. Edge router is clean, simple and cheap too! It is addictive once you start! 20181218_172954.jpg
 
  • Like
Reactions: tangent, bob2701, SouthernYankee and 1 other person
You must log in or register to reply here.
Top Bottom