Router with scheduled Access/Parental controls, and VLAN?

[ks1]

Hi I'm looking for a SOHO/Home Router with scheduled Access/Parental controls, and VLAN capabilities to help isolate some things away from the WAN/Internet.

We have Cat6 cabling and 40 RJ45 sockets/outlets to a 42 port patch panel and a bunch of devices as shown below.

I used to have a Synology RT1900ac running most of the devices which I was very happy with except it had no VLAN capabilities apart from the Guest network, and once all the new cabling and patch panel went in, it became unreliable and seemed not to be able to cope (kept grinding to a halt).

I bought an Asus BRT 828, which on papers does everything I need but turned out to be full of bugs/faults (including not being able to change the password) and Asus support literally non-existent.

I'm wondering what my options are?

The buggy firmware and total lack of support from Asus puts me off another Asus - unless somebody can assure me that one of their other products is reliable?

Reviews of the Negtgear R9000 indicate it can't do internet access control according to a time schedule - is that true of all the modern Netgear routers?

TP-Link's Ad7200 looks good but does it only do WAN side VLAN of IPTV, or can I get it to do LAN VLAN tagging?


Any suggestions welcome.


My network:
2 Netgear GS116Ev2 switches
1 Netgear GS110TP (PoE)
1 TP Link EAS245 Access point

Media
1 PS4
Sky Q x2
Gaming PC
2 4k TVs streaming Netflix, BBC iPlayer and Plex from a Synology 916+

Security
5 Wired IP Cameras (4 PoE, 1 Video Doorbell)

Work
4 wired PCs & 4 Laptops 802.11ac served by a Synology 412+
Printer
Netgear ReadyNAS taking overnight backups of the Synology 412+

IoT
2 Bosch Ovens, Dishwasher
Fibaro Homecentre 2 with ~80 devices
Philips Hue

 

[degrub]

"I used to have a Synology RT1900ac running most of the devices which I was very happy with except it had no VLAN capabilities apart from the Guest network, and once all the new cabling and patch panel went in, it became unreliable and seemed not to be able to cope (kept grinding to a halt)."

this makes no sense unless there is a physical cabling fault or some combination of networked devices are overloading the router. It sounds like you need a managed switch(s) to segment traffic away from the router where the storage is local (cameras, homecenter, etc.).

Look at a CISCO sg300-xx switch talked about here often. It operates as Layer 3 or 2 and has plenty of bandwidth. Send only the traffic that needs to go to the internet to your router and keep the rest local on the switch.

 

[ks1]

"...this makes no sense unless there is a physical cabling fault or some combination of networked devices are overloading the router. It sounds like you need a managed switch(s) to segment traffic away from the router where the storage is local (cameras, homecenter, etc.).

The cabling has been tested thoroughly and works fine. I agree that it makes no sense that the very simple, Thompson ISP-provided router copes when the Synology doesn't, but it doesn't. In fact I have 2 Synology RT1900ac routers and factory reset each, but both behaved the same - just stopped serving WiFi and cable connected devices after a day or so. I have indeed 3 managed switches (see the list), but off-router switching shouldn't be necessary with just 30-40 clients.

I appreciate your post, but I'm looking for router choice advice, not more switches.

 

[degrub]

So, in the exact same network set up the synology worked fine ? the only difference is the switch over to Cat 6 and the patch panel ? Since you say the cabling checked out, i wonder about the patch panel. A map of your physical network layout would be useful to others trying to help.
Is the RT getting hot ?
look at the cisco SMB RV32x series for a start. or Pfsense.
Any router with the ability to set firewall rules based on schedule would do the control you mentioned. You should be able to use the switch VLAN capabilities to restrict those devices to the lan only and not reach the router. See the VLAN tutorials on the site.
The network should be segmented physically so that the switches handle all the traffic that does not need to get to the internet. The router should only have to handle that traffic. So perhaps some option is switched on that requires the router cpu to handle all packets, including those going through the switch only ? One large switch is usually better than cascaded switches for load issues.

 

[ks1]

So, in the exact same network set up the synology worked fine ? the only difference is the switch over to Cat 6 and the patch panel ?

Not exactly, but similar.

I wonder about the patch panel.

Tested with the cabling - seems fine.

Is the RT getting hot ?

Neither connected anymore. Yes they did get hot, but they always got hot even when everything was running fine.

A map of your physical network layout would be useful

The cabled bit goes like this
WAN
^BT Openreach Fibre Modem
^-Router
^--GS110TP <-- IP cameras, TP Link EAS245 AP, Video Door Bell
^--GS116Ev2 <-- Synology Media NAS, TVs, STBs, PS4, Games PCs, some LAN sockets, Philips Hue
^--GS116Ev2 <-- Synology Work NAS, ReadyNAS, PCs, Printer, some LAN sockets
^--Fibaro HC2
(rest via Wifi)

look at the cisco SMB RV32x series for a start.

I hadn't though of Cisco, but have of course head of them for business. User reviews e.g. here & here make it seem as though these wouldn't cope any better than the Synology. Do you have first hand experience? Also no Wifi and relatively slow speeds compared to the consumer market at the same price point, but I expect support should be much better.

or Pfsense.

I looked at the home page but don't really know what this is. Some kind of firewall switch 'project' that has hardware as well? Is there a particular model that you're thinking of? I couldn't work it out - its obviously aimed at experts.

Any router with the ability to set firewall rules based on schedule would do the control you mentioned.

. yes, that's why I'm wondering if people have first hand experience of a similar situation and a decent product with decent support.

use the switch VLAN capabilities...so that the switches handle all the traffic that does not need to get to the internet. The router should only have to handle that traffic.

Why? Shouldn't I be able to expect that a router can cope with routing this [surely relatively low complexity] demand?

 

[degrub]

Not exactly, but similar.

Tested with the cabling - seems fine.

Neither connected anymore. Yes they did get hot, but they always got hot even when everything was running fine.


The cabled bit goes like this
WAN
^BT Openreach Fibre Modem
^-Router
^--GS110TP <-- IP cameras, TP Link EAS245 AP, Video Door Bell
^--GS116Ev2 <-- Synology Media NAS, TVs, STBs, PS4, Games PCs, some LAN sockets, Philips Hue
^--GS116Ev2 <-- Synology Work NAS, ReadyNAS, PCs, Printer, some LAN sockets
^--Fibaro HC2
(rest via Wifi)

I hadn't though of Cisco, but have of course head of them for business. User reviews e.g. here & here make it seem as though these wouldn't cope any better than the Synology. Do you have first hand experience? Also no Wifi and relatively slow speeds compared to the consumer market at the same price point, but I expect support should be much better. >>> Unless you purchase support, don't expect anything beyond the forums. i run a couple RV325s at home without issue but i don;t use security cams.

I looked at the home page but don't really know what this is. Some kind of firewall switch 'project' that has hardware as well? Is there a particular model that you're thinking of? I couldn't work it out - its obviously aimed at experts.
. yes, that's why I'm wondering if people have first hand experience of a similar situation and a decent product with decent support. >>>research threads here about pfsense. it does have a learning curve, so if you need something simple, not for you.
Why? Shouldn't I be able to expect that a router can cope with routing this [surely relatively low complexity] demand?

Not necessarily. Most of your traffic may not need routing. Switching more likely unless it has to talk with the internet.

Have you reviewed the logs on the Synology to see what might be causing the issue ?
i had old linksys gear that would have to be re-booted once a week to clear up issues. Once every few days sounds like poor firmware or overload or hardware issues. i doubt the former. If all the traffic had to go through the router, then it could be too much load or misconfiguration or thermal issues.