What's new

Decent Stable Modem with Router Suggestion for Comcast/Xfinity

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

arithforu

New Around Here
I am trying to find a way to setup two Wifi SSIDs, one with VPN connection and one without VPN connection.

Currently, I am connected to Xfinity's Modem/Router which I am leasing from them and I connected my RT-AC68U router with Merlin's firmware to it and configured my VPN which works great, that's when I noticed; my Xfinity wifi is still up & running and I also have another wifi from my RT-AC68U router
smile.gif


So I figured, what If instead of buying SB6183 which is just a modem, I buy a decent stable modem with router?

My setup that I want to setup:

1. (Need suggestions) A Modem with Router - SSID ABC - Connects to Internet Directly via ISP
2. (RT-AC68U) A Router connected to above Modem/Router - SSID XYZ - Connects to Internet via VPN

Thank you in Advance
smile.gif
 
The problem with buying a combo router/modem is the cable companies a lot time will not update the firmware unless you are running a standalone modem. I think you would be better off just buying a separate router and modem.
 
Just buy a modem. The Aris 6183 while not cutting edge works fine. $70 - $80 if you shop.

Then on the router running the Merlin you can have to six guest wifi networks plus the two regular WiFi.

Set up policy routing on your router which will let you control which wired and wireless devices use the VPN and which are routed using the WAN (Comcast). Since it is controlled by the devices assigned IP it won't make any difference which SSID or router port they are attached to. So this works correctly before setting the policy rules you will need to assign most/all devices a static IP using the router's firmware. Devices not assigned a static IP will be routed at what ever your default is (WAN or VPN).
 
Before you drop down any money on a modem, check with your ISP to see modems, they sanction / support.
Always good to check. I have Comcast and use the 6183 works fine on my 150/20 plan. 16 Channels down 4 Channels up though in my system Comcast only has 3 upstream channels.
 
If this helps - SB6183 - works great on CoxHSI...

It's a good cable modem for DOCSIS3... if your operator doesn't offer Gigabit, and even if they do, if your contracted speed is not gigabit, it's more than enough.
 
I am trying to find a way to setup two Wifi SSIDs, one with VPN connection and one without VPN connection.

Just as a reminder - what OP is doing - not really necessary - convenient perhaps - but there are other, better ways to do client connectivity through VPN vs. non-VPN.

Think running an Intel NUC as the VPN gateway/router... for the VPN clients inside the LAN, just point them to the NUC as the GW rather than the router...
 
Just as a reminder - what OP is doing - not really necessary - convenient perhaps - but there are other, better ways to do client connectivity through VPN vs. non-VPN.

Think running an Intel NUC as the VPN gateway/router... for the VPN clients inside the LAN, just point them to the NUC as the GW rather than the router...

There are reasons to have two routers with diffrent SSIDs. By having two routers, one ISP and one VPN it makes it possible for a user on the fly to decide how to router their connection without having to access the VPN settings on the router.

For instance say a user has a tablet and for security normally uses the VPN connection but then they wnt to stream a Netflix movie and Netflix has blocked that particular VPN's IP. All the individual that wants to watch the movie is switch their local WiFi connection with no VPN.

Sure there are other ways to do it, but this gives the device user the control when they need it.
 
There are reasons to have two routers with diffrent SSIDs. By having two routers, one ISP and one VPN it makes it possible for a user on the fly to decide how to router their connection without having to access the VPN settings on the router.

For instance say a user has a tablet and for security normally uses the VPN connection but then they wnt to stream a Netflix movie and Netflix has blocked that particular VPN's IP. All the individual that wants to watch the movie is switch their local WiFi connection with no VPN.

Sure there are other ways to do it, but this gives the device user the control when they need it.

THIS^

That's what and how I want to set it up.

Just buy a modem. The Aris 6183 while not cutting edge works fine. $70 - $80 if you shop.

Then on the router running the Merlin you can have to six guest wifi networks plus the two regular WiFi.

Set up policy routing on your router which will let you control which wired and wireless devices use the VPN and which are routed using the WAN (Comcast). Since it is controlled by the devices assigned IP it won't make any difference which SSID or router port they are attached to. So this works correctly before setting the policy rules you will need to assign most/all devices a static IP using the router's firmware. Devices not assigned a static IP will be routed at what ever your default is (WAN or VPN).

This works but I don't want to define which devices will use which SSID, I want to be able to switch between ISP and VPN. Just like CaptainSTX mentioned above, For instance say a user has a tablet and for security normally uses the VPN connection but then they wnt to stream a Netflix movie and Netflix has blocked that particular VPN's IP. All the individual that wants to watch the movie is switch their local WiFi connection with no VPN.

Is there a better way of doing so? Please provide some suggestions.
 
There may be ways to do it using one router with multiple SSIDs for wireless clients. It will result in writing custom rules using iptables and routing a device connected to a guest SSID to bypass the VPN. I'm not familiar enough with using scripting and iptables to give you a definite answer.

The simplest solution is do it the "old fashioned way" with two routers.

If you decide to go with two routers just be sure to run the VPN on a router with a very fast processor. A N66 with give you a VPN download of approximately 15Mbps while an AC1900P with a 1.4 Ghz processor can give you approximately 55Mbps.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top