Upgrading Home Network - Need Advice

[ToolAA]

Quote:

Originally Posted by traveller

Check on the specs. My information is from 4 years ago, the AC lite and their midrange AP required either power injector or proprietary PoE. Only the Pro did the industry standard.



Complete overkill for home use. A Sonicwall TZ350 hooked to Fios primary, Comcast for failover and a LTE card for emergencies that knock out both wired connections.

Yea the LTE 3rd tier emergency backup puts you into a special class for sure.

The Sonicwall TZ350 looks like nice hardware. Not much more than the Netgate I linked.

[swamplynx]

Quote:

Originally Posted by traveller

Check on the specs. My information is from 4 years ago, the AC lite and their midrange AP required either power injector or proprietary PoE. Only the Pro did the industry standard.



Complete overkill for home use. A Sonicwall TZ350 hooked to Fios primary, Comcast for failover and a LTE card for emergencies that knock out both wired connections.

How do you like the Sonicwall? I’ve only used them probably over a decade ago in a work environment and wasn’t all that impressed. I’m running Peplink at my edge currently, which overall is a great product and for redundancy, but it really chaps my ass that they don’t have proper IPv6 support.

[Occam]

Quote:

Originally Posted by ToolAA

Thanks man. I like what I’ve read about PF Sense. Are you running it on regular PC’s or special purpose HW?

In my case, I run it on a couple of modest 1U pizza-box-sized servers. Don't need a lot of big fast drives unless you intend to maybe also use it for a file server or keep huge logs or use it as a web proxy with a gigantic cache. Unlikely scenarios for you.

I'm running that in a noisy rack in a datacenter that already sounds like a jet engine factory. In a house, a dedicated PC (or sever format, etc) machine is going to probably be bigger, louder, and more electricity hungry than you're going to need or want. As you've seen, there are lots of dedicated little devices that run it, and probably have all the horsepower you need. I just end up with a lot of extra servers around, and don't care about noise, so I just spin PFsense up on servers. One advantage is that the server class hardware has its own remote access facility so I can boot the machine, fiddle with BIOS settings, etc., without dragging my ass out past Dulles. You get to play with it in your house!

[adit]

I'll say just the opposite of Occam. I have had zero issues with TPLink WIFI AP's. I actually installed another one in Annapolis last night. (EAP245) It replaced a Netgear AP.

For smaller PoE switches I've always used Netgear. We're now replacing them with TPLinks. We had a lot of problems with the Netgears losing their saved configs, and one model in 2 locations that changes the VLAN ID's. Maddening.

Still using Netgear for 48 port PoE and 10G switches as they have been problem free.

PM Melnic here. He replaced his WIFI with TPLink. Last I heard from him he was happy with the cost/performance ratio.


The 3100 is overkill, but a nice unit. I have one sitting in front of me waiting to be config'd.

The 1100's (what I'm using now) can overheat - I attach a 25x25x10 USB fan to the side w/silicone, and plug it into the port, runs ice cold. https://www.ebay.com/itm/2-Pieces-US...9/254547539418



FYI, from UI the other day, forgot to post it:

Quote:

Dear Customer,

We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that there has been unauthorized activity with respect to any user’s account.

We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.

As a precaution, we encourage you to change your password. We recommend that you also change your password on any website where you use the same user ID or password. Finally, we recommend that you enable two-factor authentication on your Ubiquiti accounts if you have not already done so.

Change Password
Enable Two-Factor Authentication

We apologize for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.

Thank you,
Ubiquiti Team

[Boxcab]

ToolAA, sorry for taking a small detour in your thread, but I think its part of the story...

Quote:

Originally Posted by ToolAA

<snip>

I will be connecting my Fios Router in Bridge mode to the SG-3100, so I can still keep the channel guide and PPV channels working. (I currently have this setup working with my Netgear router)

<snip>

Is there a good and easy to manage replacement for the Fios hardware? I'd like to rid myself of the monthly fees and any backdoors that Fios has?




.

[bibitor]

I’m running the Netgate SG-2100.

For most applications it’s overkill, but I have a wireless bridge from my house to our barn, and I wanted to segregate the networks. My wife and I have employees that use the barn network.

In the house I’m using an older Netgear router strictly as a WAP, and I have a Pi-hole running as well (highly, highly recommend). Reading through this thread I am reminded that I need to go through and run software updates this weekend. I stay on top of it for our businesses, but I’ve been neglecting my home gear

[geda]

I am running a very similar setup to what OP is thinking about.

3 Unifi AC-Pro, which are infact normal .af PoE,other models may not be, but I specifically got these in 2015 because they were real PoE. They are not running ubiquity firmware, they have openwrt. They are on their own dumb PoE switch plugged into a 4 vlan trunk port on my pfsense box. 1 management vlan and 3 vlans for wireless networks. Wireless networks are bridged to their respective vlans. The pfsense box handles all the routing and dhcp. I initially set it up with the APs doing routing, but they were too slow to handle AC speeds. Other than updating the firmware a few times these have been amazing, zero issues.


Custom Pfsense box - ASRock J3455M board with 8gb of ram, old 60gb ssd, dell branded intel 4x 1g ethernet card from ewaste at work. Mounted in a 2u ebay case(i dont mess with 1u for home use because I dont want any "jet engine fans". This upgraded an older amd e-350 board that quit on me after 6 years. Current setup is 2 years old and has had zero issues.


Everything else is on a managed cisco switch. The ethernet going from the router to the cable modem goes though a cisco firepower device(free through work) in bump in the wire mode. I could replace the switches and router with the firepower device if I wanted to, but I just use it for monitoring and snort.

[ToolAA]

Quote:

Originally Posted by Boxcab

ToolAA, sorry for taking a small detour in your thread, but I think its part of the story...


Is there a good and easy to manage replacement for the Fios hardware? I'd like to rid myself of the monthly fees and any backdoors that Fios has?




.

If you want to keep their channel guide and have access to OnDemand and multi-room DVR capabilities, you have to keep there crappy router connected to the STB’s. However you can connect the Fios router behind a more secure router/firewall and then turn off all other routing features of the Fios router. This will give you the security you are looking for without losing the Fios TV features. You still have to rent their hardware.

[XCheckR]

Quote:

Originally Posted by Alan3413

For $400, you're best off with Ubiquiti's Unifi line of products.

$400 will get you their security gateway, switch, a couple of access points, and a cloud key controller. I'd spring for their controller for better real time control of the setup.

Setup is all gui-based and prolly easier than pfSense

I just upgraded to their stuff. It's pretty friggin awesome.

[Traveler]

There is nothing overkill about PFsense. If you have the technical ability, it is on par with commercial gear, without the cost. It is far more flexible and secure than the stuff you get at Best Buy. I started running it when I got tired of maintaining OpenBSD, and a PF firewall manually. That was about ten years ago.

You could do far worse. The UI is a breeze for anyone with firewall experience.

Two of my technical friends finally got on to it a few months ago. They like it as well.