Thinking about going Prosumer

[BeachGuy]

House is 2-story, 3500 sq ft. Currently have main router GT-AX6000 with another GT-AX6000 in MoCA wired backhaul (2.5GbE) AiMesh mode. It's running good but the more I read about networking (total novice) the more I'm convinced to go to Pfsense/Opnsense with enterprise wifi AP. I have been thinking about the HUNSN mini PC and can't decide on enterprise WiFi AP. Unifi 7 Pro, Zyxel NWA220AX-6E, Grandstream GWN7665, Omada EAP670, Ruckus (used R750). Am I on the right track or is this overkill? Is Consumer (ASUS) good enough? Thanks

 

[ColinTaylor]

Nobody can answer this question because you haven't said what is wrong with your current setup or what you hope to achieve by changing things.

 

[BeachGuy]

It's my understanding that the firewall in Pfsense/OPNSense is much better than consumer (intrusion detection, intrusion prevention?). And the hardware in something like the HUNSN (CPU/RAM) is superior to consumer routers (and I might even be able to attach a NAS to it?). Also, my current WiFi only generates about 2 bars out of 4 (rssi) @ 160mhz. Want the best WiFi network without getting into a whole home lab and consuming my whole life (which I see people do).

 

[bbunge]

If you want better WIFI drop back to 80 MHz on the 5 GHz and 20 MHz on the 2.4 GHz. You will get a stronger signal and fewer connection issues.

If you have not had any security issues with the Asus routers you do not need to spend more money on something that may be .01% better. Most security issues are the result of bad browsing habits or responding to scams. A good filtering DNS resolver such as Quad9 or Control D will help. You will also spend less time managing your Asus routers. They will pretty much care for themselves with auto upgrades enabled

 

[degrub]

You won't improve your wireless networking ( assuming it really needs improving) or anything else mentioned without detailed planning. If everything is working well enough now, then don't bother, particularly wifi 7 which is a work in progress. If you have coverage issues where your bandwidth falls below 100 Mbit/s, you likely need to add 1-2 APs. If you have wired infrastructure, this would be easy with SMB gear or even possibly ASUS consumer gear. bbunge is dead on above.

For example, a decade ago i went from wireless N with one linksys wireless router to a CISCO SMB system ( 1 wired router, 4 AC wifi APs) on a 38 Mbit/s ISP DSL line for 5 people - 2 work at home, 3 teenagers including one gamer). No issues with stability, adeqaute bandwidth, and coverage. The coverage improvement took a while experimenting with AP placement and orientation. 3000+ sqr ft. 2 story house.
Disable remote access and drop all unsolicited packets avoids most security issues except those that originate from users clicking on links. Focus on that first.
If it isn't broken, don't try to fix it. G.A.S. is a real thing (gear acquisition syndrome) that can cost a lot with very little return or improvement. SpeedTest was invented to support G.A.S.

 

[BreakingDad]

If this is just for you to play cod warzone, it's overkill. Especially the R750 which can handle 1024 concurrent users In my experience the higher the wifi version the speed is better for sake of crap range.

If it were me, and I have been discussing Unifi quite a bit. I would go for something like a UniFi Express or a Cloud Gateway Max gateway, a couple of 6 series access points, and prob an 8 port managed switch. Then bung a NAS off that lot.

 

[BeachGuy]

If you want better WIFI drop back to 80 MHz on the 5 GHz and 20 MHz on the 2.4 GHz. You will get a stronger signal and fewer connection issues.

If you have not had any security issues with the Asus routers you do not need to spend more money on something that may be .01% better. Most security issues are the result of bad browsing habits or responding to scams. A good filtering DNS resolver such as Quad9 or Control D will help. You will also spend less time managing your Asus routers. They will pretty much care for themselves with auto upgrades enabled

When I put it on 80mhz the throughput is less than 160mhz (although like you say stronger signal). Also, I run unbound for DNS (plus Skynet and Diversion).

 

[degrub]

Coverage or bragging rights is the choice. Very few applications need over 100 Mbit/s bandwidth, particularly across the internet. If you were hosting a local server and playing games or video editing, then improving the local bandwidth would make sense. Otherwise, the internet and remote servers are the real limitation.

 

[BeachGuy]

If this is just for you to play cod warzone, it's overkill. Especially the R750 which can handle 1024 concurrent users In my experience the higher the wifi version the speed is better for sake of crap range.

If it were me, and I have been discussing Unifi quite a bit. I would go for something like a UniFi Express gateway, a couple of 6 series access points, and prob an 8 port managed switch. Then bung a NAS off that lot.

Ok thanks. I actually play COD with wired connection from PC to router . It's more about the family and their AC/AX devices (2n, 14ac, 4ax).

 

[BeachGuy]

Sounds like if it ain't broke don't fix it. So I won't. I might look into Unifi eventually. Thanks all!

 

[BreakingDad]

Ok thanks. I actually play COD with wired connection from PC to router . It's more about the family and their AC/AX devices (2n, 14ac, 4ax).

So massive overkill as your family don't appear to have 250 devices each connected to wifi that are continously on

A small gateway is more than enough and you can still connect your pc via wire to the switch. Even what you have already can typically handle 20-50 devices. I would look at the Unifi Cloud Gateway Max + Switch with maybe with a couple or three U6 access points. Or the Omada equivilant if you like TP Link. You get a 2.5gb wan port + 2.5gb x4 lan ports, 300+ Client and support for 28 cameras complete with NVR with that baby.

 

[BeachGuy]

So massive overkill as your family don't appear to have 250 devices each connected to wifi that are continously on

A small gateway is more than enough and you can still connect your pc via wire to the switch. Even what you have already can typically handle 20-50 devices. I would look at the Unifi Cloud Gateway Max + Switch with maybe with a couple or three U6 access points. Or the Omada equivilant if you like TP Link. You get a 2.5gb wan port + 2.5gb x4 lan ports, 300+ Client and support for 28 cameras complete with NVR with that baby.

Excellent thank you for your response, that was what I was looking for. A gateway is a router? And that is better than Pfsense/OPNSense?
I currently have 2 wireless APs, one connected to modem (upstairs) and one connected via MoCA ethernet (downstairs). Would I do the same with Unifi or do I have to run an ethernet cable to another AP?

 

[degrub]

depends on how much time you want to invest learning Pf/OPNsense versus a simpler Unifi or Omada configuration. Both have their learning curves. In my experience the latter two were more straight forward.

 

[BreakingDad]

Excellent thank you for your response, that was what I was looking for. A gateway is a router? And that is better than Pfsense/OPNSense?

Yes it's a "router" I would suspect PFSense is potentially better if you spend hours with manual configuration, however unifi has it's own hardware firewall that is integrated into the ecosystem. For protecting a home network both (and what you have already) are more than adequate.

Just to confuse you even more: If you wanted to get really complex you could even mix pfsense and unifi and have pfsense controlling your routing and unifi controlling your switching

Personally I would stick to the all in one solution, rather than using chinese boxes with opensource software installed. Each to their own though if you enjoy tinkering ( which i think most of us here do ) sometimes it's so dull with Asus routers now, mine never misses a beat anymore.

 

[BeachGuy]

depends on how much time you want to invest learning Pf/OPNsense versus a simpler Unifi or Omada configuration. Both have their learning curves. In my experience the latter two were more straight forward.

Ok thanks, I'm not a network engineer just a novice/layman so simpler is better. Like I said, I don't want to spend my whole life on network (I've already invested a lot of time/$).

 

[BeachGuy]

Yes it's a "router" I would suspect PFSense is potentially better if you spend hours with manual configuration, however unifi has it's own hardware firewall that is integrated into the ecosystem. For protecting a home network both (and what you have already) are more than adequate.

Just to confuse you even more: If you wanted to get really complex you could even mix pfsense and unifi and have pfsense controlling your routing and unifi controlling your switching

Personally I would stick to the all in one solution, rather than using chinese boxes with opensource software installed. Each to their own though if you enjoy tinkering ( which i think most of us here do ) sometimes it's so dull with Asus routers now, mine never misses a beat anymore.

Ok thanks. I like tinkering to an extent (like all of us here). But I know just enough to get into trouble probably. You started to lose me with "pfsense controlling your routing and unifi controlling your switching". Yes, my setup is "dull" now but that is good for me

 

[BreakingDad]

Ok thanks. I like tinkering to an extent (like all of us here). But I know just enough to get into trouble probably. You started to lose me with "pfsense controlling your routing and unifi controlling your switching". Yes, my setup is "dull" now but that is good for me

It's ok I lost myself on that as well, I just read up on it and it involves VLans etc to achieve it. Interesting one for the pros though. My setup is also dull, but it keeps the family happy right. Maybe one day I'll wipe it all and do a fresh install just for the fun.

 

[Tech9]

It's running good

No need to change then. Continue using what you already have.

 

[BeachGuy]

No need to change then. Continue using what you already have.

I see you use Ubiquiti and pfSense/OPNsense. How's that going? I guess each situation/network need is different.

 

[Tech9]

I have a few home locations entirely with Ubiquiti equipment and a few business locations with Netgate gateways running pfSense, Netgear switching and Cisco wireless. Different networks with different purpose. None of them is running 160MHz wide channel and no business gear provider recommends it.

Mix between pfSense/OPNsense gateway with something else for switching and wireless is definitely possible and commonly used, but not needed for home network. Lower cost options like Omada and UniFi provide everything needed from a single vendor, with guaranteed compatibility and with single control panel.