Question Router/Firewall + POE WiFi Access Points?

[Mr Bob]

I'm currently updating a fairly complex / device-rich network at our house. When we moved into a new house, I had to quickly deploy 4 Google WiFi points just to setup an inexpensive network with WiFi, having full coverage. The new setup will be mostly hard wired, with POE runs to 2-3 areas for WiFi coverage.

Hard wired to modem is just below gigabit speeds via the ISP, so I'd like to keep the wired network as close to that as possible.

So now I need a router / firewall / gateway, as well as 2 or 3 POE WiFi access points to provide coverage, and with only 1 device running, being able to pass that gigabit speed through to the router.

I've looked around, it seems like Cisco has a few cloud solutions, Zyxel listed a handful of routers but they weren't true gigabit when the firewall was enabled. Kind of pointless to lose that much bandwidth...

Any suggestions? The more management options/information, the better... Ideally, I'd like to keep it under $1k.

 

[Mr Bob]

Just to circle back a bit on an older thread, I have to say I'm impressed but also disappointed.

Ubiquiti offers a 1 yr warranty, which means they don't stand behind what they sell. That sucks, but it is what it is. Tough when companies like Netgear stand behind their products. Doesn't mean they don't fail, it just means they believe enough in what they sell, such that if it fails, it's not a big deal to replace/upgrade. Tech changes, but everything tends to be backwards compatible, so if something is replaced, it has a good chance of working with old components 5 years later.

These folks have also mentioned that for the "full experience" you need to buy their switches, which is total BS. A few IP issues that I've found, led the company to mention I need to purchase their more expensive switches that have very little warranty.

So I did that, and every issue I had before, is still present. At least I was able to say, "been there, done that, still doesn't work!"

I currently have a Synology DS 1817 NAS that can't even maintain an IP address. Whether it's static, DHCP, or both/or, doesn't matter. Support claims to run their own hardware first, which sucks, because now I have to replace my lifetime switch from Netgear Pro.

So overall, I guess I'm happy, but still not satisfied. I'm a bit stuck with Ubiquiti, but not sure another option would have been sufficient. It's possible Ubiquiti is simply too early on before things take off, although their stock has been killing it.

Not sure I'm ready to recommend Ubiquiti, but I do think it was worth trying out.

My current, unsuccessful, setup is:

UDM Pro for main routing
UDM 48 Port Switch
3 x Nano HD WiFi APs throughout the house
1 x Outdoor WiFi AP for backyard WiFi

Although Ubiquiti is "auto" configured for WiFi, I've had to enable the "Advanced Features" set in order to optimize my WiFi. Walk around the house and change both transmission power (Tx), as well as signal strength RSSI. I'm learning a lot more about optimizing WiFi that I didn't hope I needed to know. Tech should be smart enough to know the necessary settings, why is a human involved in doing speed tests and power strength tests????? Seriously??? Maybe Google WiFi was better than I gave it.

 

[mxnerd]

No WiFi system is perfect for every environment. Ubiquiti products are enterprise level at consumer price, buyer are expected to do fine tuning sometimes however.

Unfortunately you can't return now. (over 14 days)

Ubiquiti - Rethinking IT

Technology platforms for Internet Access, Enterprise, and SmartHome applications.

www.ui.com

Review for TPLink Deco M5, if you really not satisfied with Ubiquiti.
3 pack Deco M5 price = 1 ubiquiti nano

So Synology DS 1817 NAS worked before and was able to maintain an IP but now it can't? Not even a static one? Which device it connects to? The UDM Pro?

Similar situation?

Question - ONT/Internet/Router issue

New to the forums and have run out of ideas so I would appreciate any ideas or help. Service provider is Century Link 1gig up/down comes to the house as fiber and goes to an ONT. When originally installed they tested the up/down speed and connected to thier laptop to make sure they could web...

forums.anandtech.com

 

[Genx87]

In what way is the Synology not keeping an IP? I was looking through the controller gui and noticed they have Wifi AI now which seems to autosense radio congestion that may help with client connectivity.

 

[NeonFlak]

Roll yourself an Untangle box. Go with Untangle free or the $50/year home license. And then get yourself some WiFi 6 APs, like the EWS377AP (qualcomm).

Don't get me wrong Ubiquiti makes good stuff, but only their high end gear. I work with their stuff daily. All of their lower end cheaper APs are shit as they all use mediatek chipsets. And with Ubiquiti you are pretty much a paying beta tester. I do know the latest firmware increased throughput on the nanoHD. But you'll still get better performance out of even something like the TPLink EAP245 which is a 3x3 AP compared to the nanoHD 4x4. If only because the EAP245 is using an enterprise qualcomm chipset vs the mediatek in the nanoHD.

 

[VirtualLarry]

All of their lower end cheaper APs are shit as they all use mediatek chipsets.

THAT's not good...

 

[mxnerd]

Don't get me wrong Ubiquiti makes good stuff, but only their high end gear. I work with their stuff daily. All of their lower end cheaper APs are shit as they all use mediatek chipsets.

So Ubiquiti makes good (fancy) software to pair with inferior wifi chipsets? Wow, that's some info almost no one talked about.

 

[mxnerd]

Don't get me wrong Ubiquiti makes good stuff, but only their high end gear. I work with their stuff daily. All of their lower end cheaper APs are shit as they all use mediatek chipsets.

Hmm, according to the following link, most APs use Qualcomm chips.

WiFi 6 support? | Ubiquiti Community

Will Existing Access points support WiFi 6? Is support for WiFi 6 likely to be far far off in a land far away, or is it something we might see in the first

community.ui.com

 

[ch33zw1z]

So Ubiquiti makes good (fancy) software to pair with inferior wifi chipsets? Wow, that's some info almost no one talked about.

I would like to see a link(s) that confirms the assertion. My UAP-LR handles tons of load without as much as a hiccup.

I haven't found much in my googlin to confirm the hardware tho, and the specs sheets didn't say (I skimmed and searched)

 

[mxnerd]

I would like to see a link(s) that confirms the assertion. My UAP-LR handles tons of load without as much as a hiccup.

I haven't found much in my googlin to confirm the hardware tho, and the specs sheets didn't say (I skimmed and searched)

See my #57 update. The post in Ubiquiti forum negates what NeonFlak was claiming.

 

[ch33zw1z]

See my #57 update. The post in Ubiquiti forum negates what NeonFlak was claiming.

Awesome. Guess that's why the LR doesn't hiccup with 3 or 4 clients streaming video at a time, aside from the other normal traffic.

It's also reaches signal about 200ft thru the woods laterally to the edge of my property.

 

[RKramkowski]

So I'm at the point that I have to replace my gaming router - too many devices, particularly as I convert to a "smart house" (plus we have a big family - already over 50 connected devices" I already have a Palo Alto PA220 with IPS/IDS/VPN, etc. Pretty loaded. But I see that the Dream Machine has limits when using IPS or IDS (I have a 400 Mb connection to my ISP, possibly upgrading soon to 1Gb. That's the limit of the PA220 but if I do have the PA220, is the Dream Machine overkill? Should I look at something more basic? I'm even considering building my own router using OPNsense. Any thoughts or advice before I set a direction?

 

[Mir96TA]

PA requires subs

 

[Mir96TA]

PA can do layer 7, ssl inspection, extensive threat prevention.
Dream machine is no match for PA 220.
BTW with every on pa 220 you might not get 1 Gige line speed.
It is all about packets per second.

 

[Mir96TA]

You can also run PA 220 as a layer 2 device?

 

[Mr Bob]

So I’m all in with Ubiquiti, we’ll see how well it holds up. The outdoor UAP-AC-M is utter junk. I actually get better signal from my neighbors WiFi that is their house 200ft away.

Anyhow, here are a few pics for all the other geeks out there...

 

[SamirD]

Nice! I've never seen a 22U rack wall mounted like that before--must be heavy!

 

[Mr Bob]

It’s only a 21U

1/16th an inch left the right side, got lucky there...

 

[ch33zw1z]

Cool setup. WRT to the AP, have you tried a different location in the house? Location and orientation make a difference

 

[Mr Bob]

Cool setup. WRT to the AP, have you tried a different location in the house? Location and orientation make a difference

It’s the outdoor AP that has trouble. Inside, I get consistent 500-580 Mbps over WiFi, AFTER I optimized the APs. When on auto optimize I only maxed at 300 Mbps. After running RF scans and setting correct channels, width, and power, I’m able to reach advertised specs.

There appears to be a hardware issue with the UAP-AC-M outdoor AP. It doesn’t come close to advertised specs. Really long thread about it at Ubiquiti:https://community.ui.com/questions/UAP-AC-M-poor-signal/347d6576-9b17-4647-a447-4dcac83c87c4?page=1

 

[ch33zw1z]

It’s the outdoor AP that has trouble. Inside, I get consistent 500-580 Mbps over WiFi, AFTER I optimized the APs. When on auto optimize I only maxed at 300 Mbps. After running RF scans and setting correct channels, width, and power, I’m able to reach advertised specs.

There appears to be a hardware issue with the UAP-AC-M outdoor AP. It doesn’t come close to advertised specs. Really long thread about it at Ubiquiti:https://community.ui.com/questions/UAP-AC-M-poor-signal/347d6576-9b17-4647-a447-4dcac83c87c4?page=1

Ah, fair enough. 4 years old and still active, I probably would've replaced it by now lol, or just settled on 300 Mbps cuz that's enough for wireless stuff.