What's new

Firewalla

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Yes, that's how I switched modes. I'll try as you suggest. Thanks!
If you switched your AX86U from Router to AP Mode without touching anything else, the default configuration is Automatic IP. Reboot the router and run the Device Discovery tool once again. The router in AP Mode will take an IP from Firewalla's DHCP server. Use this IP to access the router's GUI.
Wohoo, that did the trick.

Thanks Tech9!
 
Perhaps set the firewalla to the same IP range as what the router has? Did you used to use 192.168.83.x?
Hi Paul. I tried Tech9's solution above to get the router to draw on the Purple's DHCP server. Worked. All is good. And thanks for your assistance too!
 
If you did not reset the router, connected devices in GUI will have the same names as in Router mode. In case you use custom client names.
 
I debated deploying Firewalla (Gold or Purple) model ~ 3 months ago as the front facing internet door - right when the "TechCrunch" article was published. I also dove into many earlier reviews and liked what I read. I also looked into the support forums - great place to find about customer service. ;)

One of the sticking points I saw was their current implementations there is a limit on the # of banned country codes it would accept. I think the "Purple" was 10 and I have at least 15+ in skynet today. I understand their design goal to KIS but that hit pause button for me. Note: The Gold model has an unlimited # of banned countries.

IMHO, the "Purple Firewalla" is a near-perfect companion for traveling whether it be hotels or home-away/air-b-n-b rentals. I never trust those things natively. With it's very limited wifi, it's perfect for same-room deployment as it was never intended to cover a whole house (wirelessly) and they make that very clear. So using Firewalla as the main front doors with the most excellent ASUS routers as WAPs is attractive for a KIS(er) but more generally hardened approach - aka thinking in-laws and less tech savvy family members we all tend to support in these parts! ;)

My network is already subnet for prod/work and IOT+other traffic (kid's machines) which I do not trust quite as much. I also use 2 older RT-AC68U as WAPs and RT-AX86U as the main front doors today.

Please update this thread on what you learn and determine with your experiments! Peace. Later.
 
Last edited:
So I got the FW Purple and installed it as router and attached Asus AX88U in AP running Merlin. I was reluctant to switch AX88& to AP from router but I wasn't comfortable with Trend Micro or Asus firewall, and didn't know what was going on behind the scenes in the router and attached devices. In any event the installation was effortless. The Firewalla purple and gold have the ability to run Open VPN as well as Wireguard in guest and server mode. I have guest set up and like the Asus Open VPN Director it allows you to pick and choose which connected devices get to use Open VPN or Wireguard, including those devices residing in "quarantine." And the VPN has a kill switch. Quarantine operates somewhat like "guest" mode but allows you to apply VPN. Firewalla has a "free" VPN for use in VPN server mode which is fantastic! I suppose the main difference between Firewalla and Asus is how Firewalla allows you to see everything going on in and through the router, to include network flows of each individual connected device. Moreover it allows you to block activity you aren't sure about and create rules on the fly. Just amazing product from a guy, Jerry Chen, who has more than 20 years working on data protection at Cisco Systems. Here is a better review:
 
Last edited:
So I got the FW Purple and installed it as router and attached Asus AX88U in AP running Merlin. I was reluctant to switch AX88& to AP from router but I wasn't comfortable with Trend Micro or Asus firewall, and didn't know what was going on behind the scenes in the router and attached devices. In any event the installation was effortless. The Firewalla purple and gold have the ability to run Open VPN as well as Wireguard in guest and server mode. I have guest set up and like the Asus Open VPN Director it allows you to pick and choose which connected devices get to use Open VPN or Wireguard, including those devices residing in "quarantine." And the VPN has a kill switch. Quarantine operates somewhat like "guest" mode but allows you to apply VPN. Firewalla has a "free" VPN for use in VPN server mode which is fantastic! I suppose the main difference between Firewalla and Asus is how Firewalla allows you to see everything going on in and through the router, to include network flows of each individual connected device. Moreover it allows you to block activity you aren't sure about and create rules on the fly. Just amazing product from a guy, Jerry Chen, who has more than 20 years working on data protection at Cisco Systems. Here is a better review:
I also have a AX88U that I am trying to connect to a FW Gold. Did you use the WAN port on the AX88U to connect to the FWG or a LAN port? My AX88U shows all LAN ports as "Unplugged"....
 
Yes I used the WAN port on the AX88U to connect to the LAN port of the FW. My AX88U is in AP mode and I have a Netgear smart switch and other devices connected to the AX88U LAN ports. I think before I plugged them into the AX88U LAN ports that it registered "unplugged." FW needs to register devices plugged into an AP.
 
Ok
Yes I used the WAN port on the AX88U to connect to the LAN port of the FW. My AX88U is in AP mode and I have a Netgear smart switch and other devices connected to the AX88U LAN ports. I think before I plugged them into the AX88U LAN ports that it registered "unplugged." FW needs to register devices plugged into an AP.
Ok thanks I will give that another try. FWG was not detecting anything plugged in last night though. I even set the FWG LAN1 to the same IP range as the AX88U but still nothing detected as connected....
 
For someone who's interested in network security but doesn't know much technically; is a dedicated hardware firewall such as the Purple something that is recommended everyone should have, or is the AX86U (e.g.) good enough for a small network?

Does the Purple offer anything security wise that asuswrt-merlin doesn't?
 
Marketing will tell you it's something everyone should have.

The (eg. RT-AX86U) is good enough for a small network.

How much money do you have as 'spare'?

The biggest security risk is always the user behind the keyboard. Particularly when you can tweak the security settings to your will.
 
For someone who's interested in network security but doesn't know much technically; is a dedicated hardware firewall such as the Purple something that is recommended everyone should have, or is the AX86U (e.g.) good enough for a small network?

Does the Purple offer anything security wise that asuswrt-merlin doesn't?
I like knowing what's going on with each client, group and network, and I find Firewalla gives me that information and a way to deal with multiple issues. I found Asus more of a black box in that regard. Unless you are sophisticated with programming the Asus router with code that reveals more of what's going on I think having a hardware firewall that keeps you informed about client flows and gives you a way to deal with it all may be a better way to go. At least it has been for me (so far).
 
Hey @Tech9 !

Check my signature! :)
 
I did already. I have notifications set. :)

What did you do with GT-AX6000? Back to Amazon?
 
I have always liked the mesh operation of my eero Pro better than Asus. I tried the newer eero wifi 6 units but they were not as compatible with some of my IoT devices.

I had run these eero Pro units in the past in Bridge mode but they were designed to lock in using channels 1, 36 and 149 when in Bridge mode. I live in a retirement community and I am saturated with surrounding wifi almost as bad as people living in apartments or townhomes are.

With the latest eero update, the eero now maintain ACS capability while in Bridge mode.

I snagged a used Firewalla Gold at a good price and put it online to handle all routing, Dual WAN, firewall and vpn duties.

I had developed an unjustfied phobia a few months back about running “cloud” controlled network devices such as Firewalla and eero. I finally realized there are more important things to be concerned about.

I have yet to decide what to do with the GT-AX6000. Since I purchased it during a Lightening Deal, I have until January 31, 2023 to return it.
 
Last edited:
I have yet to decide what to do with the GT-AX6000. Since I purchased it during a Lightening Deal, I have until January 31, 2023 to return it.

I decided to return the GT-AX6000 to Amazon….. :)
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top