Ubiquiti EdgeRouter X config help

[Emets31]

Hello all, long time lurker, first time poster. First, I would like to thank everyone for their help and guidance. This site has been a great help to a lot of people, myself included.

Currently, I've had an Untangle box in place for about 9 years or so that I've been thinking about getting rid of. I've used Endian and a few others in the past, as well, but I've always come back to Untangle. Other than the occasional hardware upgrades, I definitely cannot complain. But, I've also grown tired of a clunky old desktop hanging around, using up power. I have kids that access the computers around the house, but not very much anymore. They stick to their tablets, Chromebook and/or phones, so I'm feeling like it's not needed as much as it used to be.

Anyway, we've started using Ubiquiti hardware at work, and I've been quite impressed. I was looking into the EdgeRouter after implementing OpenDNS into one, so I was thinking about doing the same at home. I looked into a few of their products, as well as some MicroTiks, because I know they're about the same, quality and performance wise. I searched around on here for some data on the matter, but after not finding any, I finally got up enough nerve to post.

So, long story made longer, what are you guys' suggestions are far as this goes? Other than web filtering and VPN usage, I am not overly concerned with much else that the Untangle offers. I turned off my Captive Portal years ago after all the complaints I received, and my PCs/laptops all have Trend Micro, MalwareBytes and WinPatrol installed. I can use OpenDNS for filtering, so I'm really leaning towards dropping the Untangle. So, I guess my question is, which router would you suggest? Behind the Untangle, I've got two switches (a WD My Net Switch, which has worked surprisingly well for device priority, and just another TPLink Gb switch) and an Archer C8 WiFi router, strictly for WiFi. What do you think would be a good way to go, and if you have time, why?

Thanks in advance, everyone!

 

[coxhaus]

You are asking what Untangle does. Have you checked the logs? It picks up lots of things when I ran it. The only thing is you pay a price in speed as there are more things checked which normal routers do not check which slows down performance. I ran it for many years when I had my own mail server.

 

[System Error Message]

mikrotik and ubiquiti are far from similar in many things, from price, hardware, performance and features. Mikrotik is a router focused device which is locked down. Its a fully configurable router that does best at being a router. Ubiquiti edgerouters are devices that run embedded linux with a router interface. They arent as good as mikrotik at being a router, not as good as a linux OS at being a linux.

When it comes to a business, i would not recommend a ubiquiti edgerouter, this is due to the fact that ubiquiti edgerouters lack the actual performance for things that a business would use such as QoS. Mikrotik QoS is much more flexible and faster and you can use hardware acceleration as an option for QoS implementation which you cant on ubiquiti edgerouters (Selective based QoS and hardware acceleration).

You can use untangle with mikrotik, i myself am implementing an IDS and IPS with mikrotik next month and i will be making a tutorial on that. Mikrotik is great as a router but lacks features though you can supplement it with a separate box

 

[abailey]

I run Untangle at home and like it better than the Edgerouter (which I have an ERL that I ran before Untangle), pfSsense, or Mikrotik. I just recently tried both pfSense and Mikrotik and found them both very time consuming to learn and configure. If you like Untangle and are just tired of a big PC running it then get a small system to run it (like this, or this). The second one you need to add ram and a HD to. If you just want to move away from Untangle I would probably look at the Edgerouter (depending on your internet speed and if you need QOS or VPN). To me the Edgerouter is easier to configure than Miktotik or pfSense. If you have the time and want to learn a powerful routing system then take a look at pfSense or Mikrotik. Of those two I liked pfSense better but they are both nice.

 

[Audio-catalyst]

mikrotik and ubiquiti are far from similar in many things, from price, hardware, performance and features. Mikrotik is a router focused device which is locked down. Its a fully configurable router that does best at being a router. Ubiquiti edgerouters are devices that run embedded linux with a router interface. They arent as good as mikrotik at being a router, not as good as a linux OS at being a linux.

When it comes to a business, i would not recommend a ubiquiti edgerouter, this is due to the fact that ubiquiti edgerouters lack the actual performance for things that a business would use such as QoS. Mikrotik QoS is much more flexible and faster and you can use hardware acceleration as an option for QoS implementation which you cant on ubiquiti edgerouters (Selective based QoS and hardware acceleration).

You can use untangle with mikrotik, i myself am implementing an IDS and IPS with mikrotik next month and i will be making a tutorial on that. Mikrotik is great as a router but lacks features though you can supplement it with a separate box

We all know your dislike of ubnt.
Microtik, when using a lot of FW rules slows down to a crawl.

Edgerouters or vyatta are being using as core routers, and run fine.



Verstuurd vanaf mijn SM-G850F met Tapatalk

 

[System Error Message]

We all know your dislike of ubnt.
Microtik, when using a lot of FW rules slows down to a crawl.

Edgerouters or vyatta are being using as core routers, and run fine.



Verstuurd vanaf mijn SM-G850F met Tapatalk

It depends on how you set those rules. I myself use a lot of rules without any issue as i know how to put them in parallel. Any platform regardless will slow to a crawl with a lot of rules.

 

[coxhaus]

If you want the extra firewall protection which Untangle provides then you can run it behind any router in transparent mode. I ran it that way for years.

 

[Emets31]

I run Untangle at home and like it better than the Edgerouter (which I have an ERL that I ran before Untangle), pfSsense, or Mikrotik. I just recently tried both pfSense and Mikrotik and found them both very time consuming to learn and configure. If you like Untangle and are just tired of a big PC running it then get a small system to run it (like this, or this). The second one you need to add ram and a HD to. If you just want to move away from Untangle I would probably look at the Edgerouter (depending on your internet speed and if you need QOS or VPN). To me the Edgerouter is easier to configure than Miktotik or pfSense. If you have the time and want to learn a powerful routing system then take a look at pfSense or Mikrotik. Of those two I liked pfSense better but they are both nice.

Thank you for your replies, everyone. I will take them all into account.

Sorry for the confusion, coxhaus. I am well aware of what Untangle does; I have been using it for many years. I receive daily logs, which is part of the reason why I am debating getting rid of it. It just isn't doing much. That is definitely a good thing for my network, but it has also lead me to question its worthiness.

As for replacing my current setup, that may actually be the route I go. In your links, abailey, do you know if those systems run Untangle well enough? I'd be very interested to see what I could get Untangle to run on in one of these mini PCs.

 

[DanH]

I'd wait a bit if you are going to get a ubnt product. They have several new routers that are leaving beta and will be available before years end. Faster hardware at a cheaper price. I know the new ER4 is about 50% faster at 50% of the cost of a erpro for instance. the er4 is also fanless so it is much quieter than the pro models.

 

[abailey]

As for replacing my current setup, that may actually be the route I go. In your links, abailey, do you know if those systems run Untangle well enough? I'd be very interested to see what I could get Untangle to run on in one of these mini PCs.

Over on the Untangle forums people have had good luck with both of the boxes I linked to. Both have been tested to run at 1GB with some of the apps turned on. You may have to look over at the Untangle forum to see what all apps they had turned on. Personally I would go for the one with the i5 processor, especially if you use VPN. But it really just depends on your connection speed and how far into the future you are planning for.

 

[Emets31]

So, just to update, I am working on building a fanless/semi-fanless mini-itx based Untangle boxes. I already have a couple of boards from older HTPCs that I have used, so I am going to go with one of those. In the mean time, I started to configure the EdgeRouter X that I bought, and I am both amazed and scared of it. I had no idea just how in-depth it could get with it. Any good sources for feature configurations?

Basically, what my new plan is to run the ERX behind my modem, and configure it with 2 LANs. One LAN will be strictly for TV/Media Streaming and updating, Gaming, and probably VOIP (sort of like a DMZ); the other LAN will be going out to the Untangle box, and will be for general computing/web surfing.

So far in my test lab, I have configured eth0 for WAN, eth1 to be LAN1/DMZ, and eth2, 3 and 4 as switch0 for LAN2. I set up OpenDNS as the name server, and configured the FW to block any traffic on port 53 that doesn't go to OpenDNS server IPs. Does that sound like a good way to go?

 

[t84a]

You can load Untangle on a Linksys WRT1900ACS. I have their u25w. I love Untangle.

 

[Emets31]

You can load Untangle on a Linksys WRT1900ACS. I have their u25w. I love Untangle.

Awesome! I didn't know that, but that is definitely worth looking into. Thanks!