What's new

WiFi Enterprise/Consumer

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Discy

Occasional Visitor
Hi,

I'm looking for a stable router/ap for my home and garden.
Wondering where I could all the information regarding home and enterprise solutions I need to come to a descision.

Money is no issue, can be $500+ if neccessary.
Stability and great reception are my main concerns. I personally have a bad experience with consumergrade meshsolutions - not sure if enterprise grade equipment is better. Else I'd prefer a single hub/router/accesspoint.

I want to make sure it's a reasonable home investment. Not paying for specific enterprise security stuff and/or support.

Hope someone can provide some insights.
 
Have you read through the forum ? there are plenty of discussions about these issues and plenty of recommendations.
It all depends on how much understanding you have about configuration of networks and how much time you are willing to invest.
If you don't have time or interest, find a local company to do the install and configuration. this is the "money is no issue" solution.
Otherwise, we cannot help you much without rough map of your layout and size, number and types of devices, etc.
 
Hi Discy - welcome.

In general, enterprise grade is certainly better than consumer most kinds of networking gear, but is it better for your needs? That's a bit hard to answer until we know a little more about your environment, namely (echoing @degrub):

- How many square feet and number of floors are you looking to cover with wifi? (Ballpark number is fine)
- How many users and devices, roughly? Any special needs in terms of VoIP, gaming, or other specific traffic?
- Do you have any pre-existing ethernet or TV coaxial cable, perhaps to enough places where APs in each of those spots could cover your entire place all together?
- What kind of internet do you have and how fast, download and upload?

If you can answer as much of that to the best of your ability, we can do a better job at recommending you the right hardware.
 
Number of people here on SNB forums use different business grade equipment from Cisco, Ubiquiti, TP-Link, Ruckus, etc. @coxhaus is the Cisco guy, he can share details about Cisco setups good for home applications, @Trip is our local wiki for business solutions, I'm currently using Omada setup, @Marc66 has UniFi setup, @ddaenen1 has entire homelab with pfSense and Cisco APs, @Chrisgtl also uses pfSense... just to name a few. Probably the most popular setups with reasonable price tag and not over-complicated setup are UniFi and Omada, both with similar performance:

- UniFi Security Gateway
- UniFi Switch 8 60W, PoE
- UniFi Cloud Key Gen2
- UniFi UAP-AC-LITE/PRO/LR/HD, PoE

- router of choice (x86 pfSense Firewall in my setup)
- TP-Link TL-SG108PE Smart Switch, PoE
- TP-Link OC200 Omada Cloud Contoller
- TP-Link EAP225V3/245V3/Outdoor, PoE

Based on your requirements, budget and knowledge (or willingness to learn new things) there are many options to chose from. There is no single best universal solution. The equation has many variables like place, layout, building materials, available/possible wires, ISP speed, number of clients, wireless speed required, roaming requirements, router requirements, VPN. Yes, business solutions are more reliable, the performance is better, offer better flexibility in upgrades, etc., but they cost more. In some cases much more compared to consumer All-In-One routers.
 
How many square feet and number of floors are you looking to cover with wifi? (Ballpark number is fine)
  • Three floors (floorplan attached)
  • House peremiter: 10m * 7m (134m²)
  • Including garden: 16 * 50m (489m²)
How many users and devices, roughly? Any special needs in terms of VoIP, gaming, or other specific traffic?
  • 5 users (telephones, netflix on two tv's, computers etc)
  • Working from home
  • Occasional gaming
  • Two to three video-conferences simultaneously (skype)
  • VPN service for encryption of all devices on the router itself. Currently using L2TP. Only in to out connections - not for external-access to internal network. OpenVPN can also be used. (privateinternetaccess)
  • NAS for movies and central storage for all devices
  • Wifi speed preference:
    • at least 100mbps in house
    • preferably 200mbps for connection to NAS - not all devices at once
    • 30-50mbps outside
  • Ethernet: I figure 1gbps should be enough
Do you have any pre-existing ethernet or TV coaxial cable, perhaps to enough places where APs in each of those spots could cover your entire place all together?
Can route cables where-ever I want, fe first floor, but preferably somewhere downstaires.
Preferably without a fan (or a fan that can be switched off) because of noise.

What kind of internet do you have and how fast, download and upload?
100/10mbps down/up

Consumer devices I've been looking at:
  • Asus AX88u
  • AC86u/AC2900 (cheaper)
  • AX92u
I'm interessted in how these "all-in-one" "out-of-the-box" solutions compare to more enterprise level stuff when it comes to performance and stability. The possibility for incremental upgrades is something that I like, but it's not a dealbreaker.
It could also be that these consumer products already suit my needs. I do like the idea that I have some room/performance to spare. Rather pay a bit more so I can use my setup for a really long time.

Personal experience:
  • Programmer/Administrator/Hardware diagnostics as a profession, so my mindset is kinda OK to figure stuff out
  • Basic experience with consumer networking. Everything that there is to change in a consumer router regarding wifi and ip's/networking I know what it means and does.
  • No experience with enterprise stuff. Always used all-in-one routers + external modem + NAS.
I don't care if it takes some time to set it up correctly - can be days to test it all.
But afterwards it should be stable and no hassle.

Hope you guys can help :)!
 
Last edited:
Just to let you know enterprise level gear is a level beyond anything you are considering. Enterprise level gear is very expensive and runs almost 100% of time with everything working. What we are talking about is consumer and small business gear which is below enterprise level gear. Small business networking gear is better and more stable than consumer gear but not as good as enterprise level gear.
 
My terminology might be wrong. Perhaps I'm considering consumer+/small business gear
 
Last edited:
@Discy - Thanks for the detailed answer and layout. I see you're Dutch; part of my family is, still have relatives there. Hup Holland Hup!! :)

So total area is ~2000 square feet (1200 house, 800 garden), or 185 square meters (105 house, 80 garden). Should be simple enough to cover.
Wiring is possible, which is great. And understood on silent/fanless gear - shouldn't be a problem.
Users/devices/traffic/bandwidth should be completely serviceable.
The 100/10 internet speed is fine, provided you run SQM on the router to prevent bufferbloat.
Understood on all the rest.

So for starters, a primer on gear. Consumer stuff will often be the most "all-in-one" and turnkey. It will usually have more bleeding-edge (but unproven) wifi features, while forgoing a fair amount of wired throughput horsepower and quality control on hardware and software. Small-business/whitebox gear will often be a half or full generation behind on wifi standards but usually more reliable, while offering way more throughput and reliability for routing and switching. Couple that with community software and firewall OSes, and you generally hit the sweet spot for a "next level" network at a reasonable price. Per @coxhaus's addition, enterprise gear takes all of the above to the utmost levels of uptime, features and performance, and but even if purchased used or refurbished, rarely makes sense outside of special circumstances.

For your use-case, you may be able to get away with a single consumer all-in-one router, perhaps placed centrally on the main or first floor, but the primary challenge will be firmware/wireless stability and wifi client throughput at the broadcast edges. Stability can often be solved with third-party firmware, like Merlin on Asus (AX88U), or, my preference, OpenWRT on a certain Qualcomm hardware (Netgear R7800 for example). Wifi coverage could be solved by something like multiple Asus AiMesh-compatible routers, or via a turnkey, whole-house mesh product like Deco, Velop or Orbi -- all of which I recommend interconnecting by wire first, wireless only if absolutely necessary -- but the only one I tend to recommend, Eero Pro tri-band, isn't available in Europe as far as I know (right?...frustrating).

That said, consumer stuff can start to become a balance of compromises. The remedy to much of that can be found via an approach using discrete components, SMB-quality or better. It's ultimately how the highest-performing networks are built anyways, and presuming the setup is done properly, will almost always produce a better result from the sum of the parts. Plus you gain very nice things that the consumer stuff lacks, namely VLAN support out-of-the-box, PoE-powered wireless APs and (usually) more seamless wifi roaming. One ecosystem that makes this method very approachable is Ubiquiti UniFi; the controller can be used to configure gateway, switches and access points all from a single dashboard, although for you I would run a different gateway, like pfSense -- much more throughput for your dollar plus point-and-click access to all the functionality you're looking for (VPN, SQM QoS, security, etc.).

For specific gear choices, a decent starting point might be a Netgate SG-3100 or APU-based pfSense appliance, plus UniFi for switching and wireless -- a CloudKey Gen2 controller, US-8-150W PoE switch, and two or three NanoHD (ceiling mount) or FlexHD (desktop mount) access points, all hard-wired (and powered by PoE) to the switch, and placed equidistant/staggered for optimal coverage and overlap. Not a trivial cost (probably $1000 to $1200 USD total), but you didn't specify a hard budget and I just wanted to throw something out there that would definitely be rock-solid, set-and-forget.

The suggestions above can certainly be tweaked or substituted per your budget or otherwise (sub in TP-Link Omada for UniFi, for example) but I hope the overview helps to paint a picture of things look out for and how to address them.
 
Last edited:
UniFi with 3 x NanoHDs + SG3100 is expensive (approx. €1150) and pfSense is not easy to setup, IMHO.
I would suggest to @Discy to go Orbi way or Omada with the existing router to start, upgrade the router later.

Orbi RBK50 (2 units) - €300
Orbi RBK53 (3 units) - €450
OC200 + TL-SG108PE + 2 x EAP245 - €300
OC200 + TL-SG108PE + 3 x EAP245 - €390

Prices as per Amazon Netherlands. Some items are on discounted prices at the moment.
 
Thanks again guys :). This is definitely a starting point to get myself familiair with some new terms and what's available.
Will let you guys know when I got a proposal ready for the next step.

One burning question remains: The main problem I had with mesh systems I worked with is that - especially mobile - devices don't automatically switch to the correct accesspoint in a timely fashion. This caused an unacceptable slow connection or even a drop. For this reason I've been avoiding mesh as much as possible. What are your thoughts on this? Is this indeed the case and perhaps a loss I'd have to take, or is there a reliable way around it?

@Trip: indeed - greetings from Holland ;)
 
Last edited:
UniFi with 3 x NanoHDs + SG3100 is expensive (approx. €1150) and pfSense is not easy to setup, IMHO.
Indeed it's pricey, and pfSense would be a study, but the OP did say 500+ is not necessarily an issue, and being a programmer with all the guide material available, it may be quite doable. Nonetheless, leaving the current router in play (with wifi disabled) and running Omada with TP-Link switching would be simpler and cheaper, albeit you lose the "single pane of glass" over switches and APs (not that big a deal for a tiny home network).
with mesh systems [...] especially mobile - devices don't automatically switch to the correct access point in a timely fashion. This caused an unacceptable slow connection or even a drop. For this reason I've been avoiding mesh as much as possible. What are your thoughts on this? Is this indeed the case and perhaps a loss I'd have to take, or is there a reliable way around it?
First, I presume you know that it's ultimately the client, not the AP, that determines when/where to roam. That being said, the underlying network's ability (or inability) to "craft" that roam event properly can often be the majority-cause of the behavior your noticing. Consumer mesh is certainly no exception, as it lacks 1) unique fronthaul channels per-AP, which often helps to more properly disassociate and re-associate clients, and 2) often has poorly-implemented 802.11r/k/ v roaming support (just search the forums of all the brands I mentioned above, Orbi included). If you can, I would highly recommend hard-wiring between nodes and using a wire-first product like Omada or UniFi, which will largely alleviate issues #1 and #2. If you have to run an AP wirelessly-uplinked, both Omada and UniFi support it, but best-practice would be hard-wiring everything.

If you really had to or wanted to go all-wireless, you'd first have to concede a fair amount lower throughput and higher latency (especially since Eero most likely isn't available to you). If you went consumer mesh you'd have to vet the product heavily for proper seamless-roaming, and/or deploy enterprise kit (Aruba or Ruckus, for example), which could be quite spendy if you had to buy new (as opposed to my good friend eBay, which has made Ruckus more-than-doable for me). Again, I would err on the side of hard-wiring as many nodes as you can, regardless of which product type and tier you choose. See the theme? ;)
 
Last edited:
TL;DR - For what it's worth, considering the square footage you're dealing with, an all-in-one, especially an AX88U running Merlin, may just suffice for your needs, rendering the extra complexity and cost of discrete pieces moot. You'll forgo some native support for certain things like VLANs, but that may not matter as much, at least for starters. Only way to find out is to try, and perhaps that's the route you start with, so you at least have proof in knowing you've given it a shot with what is apparently one of the better all-in-ones and firmwares available.
 
The one small detail you are probably forgetting about @Trip is that @Discy house in Holland is probably built a bit more sturdy than a typical wooden stick and drywall houses we have around here in North America. I have a house in Europe and it needs one AP every 2 walls between the rooms. With concrete slabs between floors the WiFi signal just one floor up is already on 30% strength, 2 floors up disappears completely. So, I'm not sure... the APs approach could be the only option, actually.
 
That may be quite true. I'm just trying to err on the side of simplicity, if it may at all be appropriate to at least try it -- given the current theme in the other threads we've been chatting in, perhaps my acute sensory mechanism is just firing extra hard on not going too overkill on my recommendations. ;) I realize each case is different, though.
 
Last edited:
Regarding PfSense. I got it up and running on an IoT Gateway with a 4 core 1.6ghz Intel Atom from an old work-project :).
It's between my router and modem and configured as an OpenVPN client - so at least it's an option I guess?

Bit off-topic (please don't go too deep) but I was wondering if having my mappings configured like this can be considered a killswitch when VPN drops?
There are so many options and this seemed like the simplest..

Will get back after reading and investigating some more about what has been said.

 
Last edited:
Regarding PfSense. I got it up and running...

Wow! You're fast, I'm impressed. :)

About setting up a kill switch - Lawrence Systems has a good explanation video with PIA as example:


The "support" problem with pfSense is in complexity of menus/options and the fact some things can be achieved in different ways. It's really hard to do a step-by-step guide in a forum. I can't reproduce by heart my own system setup, for example. Luckily, Netgate documentation is good and there are many guides and videos available showing how to set common things up. My advice to you is to go one step at a time, test the results, save the configuration when you know everything is working properly, then proceed to the next configuration change following a guide, advice, video, etc.

P.S. I think this WiFi router wants to break free and run away from this closet. Far, far away...
 
Thanks. Seems like I got it figured out :)


I've been considering a couple of options. My current setup is Archer C6 + Pfsense for VPN

AP:
- 1 or 2 EAP245 - €89 each
- 1 or 2 UniFi nanoHD - €161 each, are they really that much better?

Switch for PoE support:
Looked at an PoE injector, but for 15 bucks each it doesn't make sense to me to add more points of failure.
- Tp-Link TL-SG108PE (€58)
- UniFi Switch US-8-150W - €194. Again, what's with the price difference?

CloudController (depends on AP):
From what I understand, a dedicated Unifi- or Omada Controller aren't strictly neccessary. Is that correct?
- Omada Cloud Controller - €65
- UniFi Cloud Key €75

What I like from the PFSense VPN setup is that I don't need to consider a router with fast CPU.

Questions:
1. Do these options make sense? As PFsense might be an option (is it still advicable?) maybe something changed? How should I decide?
2. Is it correct that all I need is AP+Switch+PFsense and can I remove my router? I also don't need a "base-station" in laymens terms? Or am I missing something here.
3. Would you advice a dedicated cloudcontroller? Is it required? How does it help?
4. UniFi stuff is much more expensive. Gotta say their dashboards etc are mouth-watering but how much extra performance/support/stability am I paying for?
5. Can AP's and Switch be mix and match - if that's sensible?

NetGear Orbi seems to be lacking in features at first sight.

Found this on eap245 and 225. Couldn't find measurements on the NanoHD, first one includes AC-Lite
Getting there step by step.. :)
@Val D. My router definitely needs more room to flex. I promise I won't do this to the new AP's! :oops:
 
Last edited:
UniFi Cloud Controller - An active controller is not required unless you are trying to use the guest portal or want to have real time stats. Otherwise you can just use the mobile app to configure.

As for the switches....the US-8-150W is higher level of product with more ports and more PoE capability than the TP-Link one. The US-8-60W would be closer in spec...although still more money.
 
1. Do these options make sense? As PFsense might be an option (is it still advicable?) maybe something changed? How should I decide?
2. Is it correct that all I need is AP+Switch+PFsense and can I remove my router? I also don't need a "base-station" in laymens terms? Or am I missing something here.
3. Would you advice a dedicated cloudcontroller? Is it required? How does it help?
4. UniFi stuff is much more expensive. Gotta say their dashboards etc are mouth-watering but how much extra performance/support/stability am I paying for?
5. Can AP's and Switch be mix and match - if that's sensible?


1. I would run the pfSense box as a main router and keep this Archer C6 as a backup router only, as it is pre-configured, connected to the network, but disabled. It is useful during the main system setup/upgrade to provide temporary Internet access during the process. pfSense is more secure system compared to consumer routers and you can run Intrusion Prevention and IP/DNS based blocking for added security, if you like, also Unbound as local caching DNS resolver, or Unbound as DNS forwarder with DNS-over-TLS, etc. things not available with your Archer C6.

2. Correct, plus the Cloud Controller for easy system management and extra functionality.

3. UniFi and Omada cloud controllers do slightly different things, but in general provide remote access, centralized management, roaming control, network stats. You better have the controller. Some functionality is available through the controller only, like one click Guest Network in Omada. UniFi APs require controller or App to setup, Omada APs have their own WebUI, but through the controller is easier. You can include a map of your property and see the eventual APs coverage, etc.

4. UniFi is more expensive indeed. The software is a more polished, the updates are more frequent and the integration is more tight, but the performance is similar. I don't have experience with the new HD APs (my business now is in a completely different field), but I believe 4 x EAP245 will still achieve better coverage and total throughput compared to 2 x NanoHD, no matter how single NanoHD is better than single EAP245, if it is at all. Omada system probably still holds the best price/performance ratio in SMB market.

5. It is possible, but you lose the integration, roaming between the APs will be worse (with different APs), possible more complex upgrading of software, you won't see all of your equipment remotely, etc. I wouldn't go mix and match way. Your system is pretty simple, there no need to go mix and match anyway. Different switch only should be fine, I believe. I never used UniFi with non-Ubiquiti switch though. Omada with different switch is fine.

Omada Controller Emulator - https://emulator.tp-link.com/oc200/index.html#statistics

UniFi Network Management


P.S. This Dongknows website has some pretty amateur reviews and Dong actually doesn't know many things, so don't look there. The method he tests equipment is very basic and is often criticized by readers as inaccurate and providing wrong data.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top