Menu
What's new
By:
Filters Better Search

Route Based Dual WAN Router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

chamuelm

New Around Here
Hi all,
I'm looking for a route-based dual-wan router for SMB's.
My requirements are:
  • Support route-based dual-wan by destination ip addresses (for example - i want that traffic to 10.20.0.0/24 will pass through WAN2, but internet traffic will pass through WAN1).
  • Support disabling NAT for WAN2 connection.
  • Not as expensive as Checkpoint/Cisco/Fortigate devices.
Is there any device that will suite my requirements? Thank you.
 
Thank you for your recommendation, but we can't buy it in my workplace (some salesmen requirements..)
Is there another router that will fit our needs?
 
It depends on your speed requirements. Mikrotik has embedded routers that are less restrictive than ubiquiti in networking that are much faster. Dont go dealing with salesmans, deal with the distributor directly and make sure you have your VAT number.

Mikrotik is a cisco alternative. Ubiquiti used to be considered a cisco alternative but they have been focused on selling to consumers with information meant for non consumers so i consider them as a consumer brand now as they have been focused on consumers (their restrictions to networking is an example) as their main customer.

Salesman requirements dont matter, what matter are your business requirements and what your manager allows (such as with support, costs, etc). Mikrotik lacks support that you pay a lot to get with cisco but on the lower costs basis any company basically has the same support.

Other alternatives arent embedded, going with x86 and a router focused OS or even a server OS. More work with server OS but its important you choose a solution that is flexible with your networking needs. For example the lower end cisco/fortigate are much cheaper than you think and if they have been expensive than perhaps your salesman is taking advantage of you.

Is your salesman requirements really just what they can provide you or is it support related?
 
chamuelm said:
Thank you for your recommendation, but we can't buy it in my workplace (some salesmen requirements..)
Is there another router that will fit our needs?
Click to expand...
What exactly are the "salesmen requirements"?
whats the bandwidth you need to support?
How many active devices on the network?

To start you off, here are some devices that should do what you want;
Netgate/pfSense SG-2220 and a layer-2 managed switch for extra WAN/LAN ports (Cisco SG-200/HP1620/HP1820)
Netgate/pfSense SG-2240
Ubiquiti EdgeRouter series (all models)
Dell Sonicwall SoHo
Juniper SRX110 (personal best recommendation)
Untangle u25 with home/complete license
Zyxel USG50 (not 100% sure but you can email them and they will answer)

There is also the alternative of refurbished/used cisco hardware . . . but caveat emptor . . .
 
chamuelm said:
Thank you for your recommendation, but we can't buy it in my workplace (some salesmen requirements..)
Is there another router that will fit our needs?
Click to expand...

Hmmm - might be best to sit down with all the stakeholders, get their requirements, and build a design document from there - then you are in a better position - as a business, you can then take that requirements/design document to the vendors directly, or thru a consultant, and get a solution that best fits your needs.

Can always use the forum as a sounding board - but you own the document, and it's your decision at the end of the day... we can't build your network for you, as we're not in the same situation as you are...
 
Hi
The problem with mikrotik is that they don't have decent importer in Israel. The real problem is their payment method (cash only) and it is a little bit a problem.
Im trying right now the ubiquiti. Looks good but I have to lrarn it for a while.

Sent from my LG-D855 using Tapatalk
 
Cloud200 said:
What exactly are the "salesmen requirements"?
whats the bandwidth you need to support?
How many active devices on the network?

To start you off, here are some devices that should do what you want.....
Juniper SRX110 (personal best recommendation)
....
There is also the alternative of refurbished/used cisco hardware . . . but caveat emptor . . .
Click to expand...

I like the Juniper too, however the 110H2 only has Fast Ethernet ports, so really need to know the OP's bandwidth and connection requirements. Juniper has also completely revamped the lower-end SRX series, discontinuing most of the branch series products and pushing everyone to the 300 series. I will particularly miss the SRX240H2, but unfortunately they needed to make changes as the software on the SRX's had lagged considerably from the rest of the JunOS line (SRX's were stuck at 12.3X while the rest of the product line was at 15.1+). The 110H2 was not discontinued as of yet, but I would suspect it's smaller memory and flash footprint will likely limit the software revs that can be run in the future.

Be also aware that there are still still a lot of 3rd party vendors still selling older SRX110 and 110H models that Juniper has EOS'd already.
 
the question with ubiquiti really is just the throughput you need. The ERL will achieve 100Mb/s of NAT + overheads without any acceleration. Using things like QoS will make any hardware acceleration irrelevant. The ERPRO has double that throughput and the ER-X has a decent CPU in them.

I've never had to purchase mikrotik with cash. You could always just use x86 with an OS like pfsense or even a linux server though pfsense would be easier than using a linux server.

It would help if you mention the throughput you need.
 
As for the throughput - our WAN lines in israel are (as for now) no bigger than 100Mbits\sec Download.
Is that what you mean?
 
chamuelm said:
Hi all,
I'm looking for a route-based dual-wan router for SMB's.
My requirements are:
  • Support route-based dual-wan by destination ip addresses (for example - i want that traffic to 10.20.0.0/24 will pass through WAN2, but internet traffic will pass through WAN1).
  • Support disabling NAT for WAN2 connection.
  • Not as expensive as Checkpoint/Cisco/Fortigate devices.
Is there any device that will suite my requirements? Thank you.
Click to expand...

pfSense on Netgate RCE-V 2440 - pretty much checks all the boxes - see what the prices on the HW is in your country...

If the price is out of scope on the netgate (due to country of origin perhaps), do a search on the forums here for Qotom and pfSense, it's similar in performance, and capability is the same...
 
chamuelm said:
As for the throughput - our WAN lines in israel are (as for now) no bigger than 100Mbits\sec Download.
Is that what you mean?
Click to expand...
That is what i mean, throughput is important when considering. X86 however has no issues keeping up. with 100Mb/s max (or 200Mb/s with dual WAN) you will need a decently fast MIPS device at least.

Still before you dive in for an ERL you should consider pfsense on x86 like what sfx mentioned above. Ubiquiti has some restrictions in config so you "dont shoot yourself in the foot" which makes it more of a consumer router category. It will do dual WAN but if you have a complicated network you may want to avoid it.
 
Thing is - RouterOS on MicroTik, YoOS/pfSense/Untangle/SohphosUTM are very good on x86 - some have licensing fees associated, but consider that these are true Router builds and Firewalls, and as such, are far more capable than most All-In-One consumer Router/AP's - not just in capability, but also more secure, more capacity for a given bandwidth, and far more stable (and in the case of X86, more scalable, just add RAM/Compute/Ports as needed).

EdgeRouters come in all sorts of flavors - they're based on VyOS, and scale relatively well - the consideration here is to ensure that the configuration meets requirements - many folks have been disappointed, not becuase ER's are "bad" but they didn't do the due diligence needed to ensure that what is bought is correctly sized for the current and near term future demand on the router.
 
Cloud200 said:
What exactly are the "salesmen requirements"?
whats the bandwidth you need to support?
How many active devices on the network?

To start you off, here are some devices that should do what you want;
Netgate/pfSense SG-2220 and a layer-2 managed switch for extra WAN/LAN ports (Cisco SG-200/HP1620/HP1820)
Netgate/pfSense SG-2240
Ubiquiti EdgeRouter series (all models)
Dell Sonicwall SoHo
Juniper SRX110 (personal best recommendation)
Untangle u25 with home/complete license
Zyxel USG50 (not 100% sure but you can email them and they will answer)

There is also the alternative of refurbished/used cisco hardware . . . but caveat emptor . . .
Click to expand...
Thank you for your suggestions..
Well..
Dell\Juniper - are very expensive.
All others doesn't have a decent importer in Israel.
So we decided to use the Ibiquiti for our customers. Looks fine for now and not very expensive.

Thank you all.
 
I think that TODAY, people need to consider tomorrow. That means planning on deploying IPv6. That requirement would eliminate most contenders in the x86 space. pfSense has good ipv6 support, I don't know about RouterOS... Sophos has barely any support in their "XG firewall" product, and "barely acceptable" in their UTM product.

I have no idea what ipv6 support ubiquiti offers, but their firewall/gateway products aren't known for being fast/efficient. (They are pretty, though!)
 
UBNT's EdgeRouters are based on VyOS, and have decent IPV6 support - same goes with MicroTik and their RouterOS products.

pfSense has good IPV6 support, but that depends on the operator's implementation, and there is a couple of settings that can get you into trouble if not aware (specifically the keep /var and /tmp in RAM vs. on disk), which can create some interesting situations on a reboot (as @garyd9 and I have discussed in another thread) - but being aware of it, they work - I've still got a couple of ongoing issues with my CableCo, so in lieu of a semi-broken ISP, I'm back to IPV4 only in the house at the moment)...
 
mikrotik routerOS has good IPV6 support too. If you wish to emulate NAT with ipv6 it is possible with any solution that has ipv6 firewall that lets you configure source and destination whitelists
 
You must log in or register to reply here.

Similar threads

A
Questions about AiDisk (FTP) and remote access of USB HDD - Load balancing and CGNAT
Replies
1
Views
354
OzarkEdge
OzarkEdge
A
Anyone here using a Draytek router with a Dual WAN?
Replies
4
Views
2K
autopilot
A
B
Dual WAN and mesh Wifi - what's the best way to increase internet bandwidth and wifi coverage?
2
Replies
25
Views
1K
Tech9
Tech9
GShlomi
Sharing my DualWan with port forwarding and DDNS experience
Replies
0
Views
161
GShlomi
GShlomi
TheLostSwede
ASUS Unveils RT-BE88U WiFi 7 Dual-Band Router
2 3
Replies
46
Views
5K
Ripshod
Ripshod

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 739 (members: 23, guests: 716)
Top