What's new

Dual WAN setup help needed

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A cheap TP-Link or ER-X router can deal with Dual-WAN only, own router behind can do the rest. Good enough for $60.
 
TP-Link ER605 router for $60 does Multi-WAN properly as well.


Thanks, Techn9. I'll take a look into it and see if it also does OpenVPN.

Do you know if it works well for Multi-wan setup exclusively for Failover/Failback (not a load balancing setup). Failback would be key, given the WAN2 might be cellular.
 
Yes, but they don't happen that often. There are lots of consumer routers right now that are exposed. It really depends on how bad it is. Some of the vulnerabilities are difficult to implement.

The one TP-Link router I ran had terrible firmware as it was not well written. They never even fixed it before they outdated the hardware.

I can appreciate the exposures are common at the consumer level, and want to ensure I'm buying into hardware whose mfg takes security seriously and keeps it current. When the Log4J vulnerabilities became public last month, I went right out and checked firmware for my router and Access Points. In my mind those are the two locations I am most concerned about keeping security current.

My observation on the evolution of cyber security issues is that we've moved from targeted corporations who have specific data, to now just about any corporation and infrastructure. Who thought a corporation dealing with little of interest (say making brooms) would be a real target. I think that it is only a matter of time before individuals are targeted beyond those already having ransomware... and of course, all the additional entry points to individuals through IoT, etc.
 
I'll take a look into it and see if it also does OpenVPN.

Don't count on that. $60 hardware can't be anything good for OpenVPN. Cisco RV34x hardware is very slow as well. Offload extra features on different more capable hardware. What you need here is something to do Dual WAN functionality well.

o you know if it works well for Multi-wan setup exclusively for Failover/Failback

Yes, it does with 2x LAN ports. I don't have any cellular modems though and ER605 doesn't have any USB ports. This router is the cheapest one for Omada setup. I purchased one for testing about an year ago. There is a newer hardware version and newer software for it.
 
Good luck with getting it work without hitting a firmware bug.

I got it working on release firmware. Don't give recommendations for things you don't know. You may have seen one TP-Link router, I've seen many.
 
Cisco RV34x hardware is very slow as well. Offload extra features on different more capable hardware. What you need here is something to do Dual WAN functionality well.
A cheap TP-Link or ER-X router can deal with Dual-WAN only, own router behind can do the rest.

Thanks... two different threads I have are kind of coming together independently, so we can pickup in the other thread, but would note that I want to keep power consumption and # of network devices low/compressed/simple, such that when working off UPS power, etc - it will stay on as long as possible. I think you are talking about keeping hardware for single purpose use, though that may not be best for me.
 
I think you are talking about keeping hardware for single purpose use, though that may not be best for me.

Good, fast, power efficient, futureproof, etc devices from well known companies are expensive. I use Netgate 5100 at home (there is a better Netgate 6100 now), but it's $700. I'm trying to suggest something that fits your Dual WAN needs for less. You may not need Dual WAN tomorrow, if you get FTTH service, for example. There are many options available, but it all depends what do you want. You can't expect too many features from a $60 device.
 
Definitely not limiting myself to a $60 device. Would prefer to not go to $700... ideally somewhere between.
 
I can appreciate the exposures are common at the consumer level, and want to ensure I'm buying into hardware whose mfg takes security seriously and keeps it current. When the Log4J vulnerabilities became public last month, I went right out and checked firmware for my router and Access Points. In my mind those are the two locations I am most concerned about keeping security current.

My observation on the evolution of cyber security issues is that we've moved from targeted corporations who have specific data, to now just about any corporation and infrastructure. Who thought a corporation dealing with little of interest (say making brooms) would be a real target. I think that it is only a matter of time before individuals are targeted beyond those already having ransomware... and of course, all the additional entry points to individuals through IoT, etc.
The cisco RV routers do not have Log4J vulnerabilities. I have looked.
 
I got it working on release firmware. Don't give recommendations for things you don't know. You may have seen one TP-Link router, I've seen many.
Seems like you were giving recommendations on Cisco Firepower firewalls that you have never even run 1.
At least I have run a TP-Link router for around a year to form an opinion.
 
Seems like you were giving recommendations on Cisco Firepower firewalls that you have never even run 1.

Have you run it? It's an overpriced (and underpowered compared to competition) unit with closed source limited options software and subscriptions. The usual Cisco money drain business model offer. Specifications are free to read, no need to spend $800 to verify.
 
Last edited:
I was in charge of a Cisco PIX firewall back in the old days for 4000 PCs. I was trained on it but I had a guy that did most of the actual day to day work. I did more of the high-level network planning. I ran a small PIX at my house for a couple of years. A lot of the code is the same. So yes, I have a much better understanding than you of how the Cisco Firepowers works and what the code looks like.

I have no problem with Cisco's closed source firewall code. It just seems more secure to me.

I don't why you think it is limited? You can program it do to whatever you want. Much more so than any consumer router firewall.
 
Last edited:
I really hope Cisco guys have improved the code in last 20-30 years and have abandoned backdoors practices.

A new Cisco router is out of question in this thread. I'm going to upgrade my routers with different brand as well, when the time comes.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top