Need help chosing a wifi router please

[anguilla1980 18]

These are what are most important to me, in order or importance:

 

Stability/reliability

VPN

Bandwidth

Speed

 

Other features I need I think all modern routers have such as QoS, multiple SSIDs (each with with their own subnet & totally isolated from each other LAN wise for security), multiple antennas for simultaneous HD streaming, low latency for gaming, etc etc.

 

I do HD multimedia and cybersecurity work from home. I have multiple HD (including 4K) wireless devices in my home office plus an entire dev lab of devices for testing. It's devastating to me when my network goes down and during work hours, that simply can NOT be an option due to meetings/etc. I travel for work and must be able to VPN into my home office subnet for work.

 

In the rest of my house I have a ton of devices for my whole family, 2 teenage boys that are gamers, multiple smart TVs that stream HD.

 

I'd like to spend $700 or less. What would be the best choice for me? Thanks a lot in advance, I really appreciate the help!

[Mindovermaster 1,983]

You're wireless strength is only going to be good as your devices. Most wireless routers are the same.

 

If you have a large house, use: https://www.ui.com/products/#default

 

Run several AP's all over your house.

 

Wherever you can, use wired, not wireless...

[adrynalyne 11,873]

3 minutes ago, Mindovermaster said:

You're wireless strength is only going to be good as your devices. Most wireless routers are the same.

 

If you have a large house, use: https://www.ui.com/products/#default

 

Run several AP's all over your house.

 

Wherever you can, use wired, not wireless...

 Disagree on most routers being the same. Good call on Ubiquiti, though Amplifi might be an easier choice due to consumer friendliness.  

[+Fahim S. 1,086]

8 hours ago, adrynalyne said:

 Disagree on most routers being the same. Good call on Ubiquiti, though Amplifi might be an easier choice due to consumer friendliness.  

Wasn't impressed with Amplifi.  I ran it for a while.  The unit arrived not working 100% (screen not working) and the performance wasn't an improvement over a regular router updated with decent firmware such as DD-WRT.

[xendrome 5,422]

8 hours ago, adrynalyne said:

 Disagree on most routers being the same. Good call on Ubiquiti, though Amplifi might be an easier choice due to consumer friendliness.  

+1 for AmpliFi HD, Fahim S. sounds like you just got a defective unit.

[+BudMan 3,517]

11 hours ago, anguilla1980 said:

I'd like to spend $700 or less.

That is a pretty decent budget... What exactly are you running now for your networking gear?  Router and Switches, etc.  You mention you do cybersecurity...

 

So your switch(es) are currently vlan capable?  How large is your house?  Or how large of area do you want to cover with wifi?  Could for sure put together a suggest list of hardware that falls under that budget..

 

If I assume you have switches already that can at min do vlans.. Something like this would uplift your whole network and wifi - items in list could be altered depending on what you are currently working with.  And could be modified if you can not run wire for best AP locations and just need/want to run mesh setup (wireless uplinks between AP) number needed, etc. etc..

 

But from the hip with that budget.

SG3100 350$

UAP-AC-Pro $135

UCK-G2 $180

 

Total = $665

 

If you have a box to run the unifi controller software, you could forget the UCK, or go with gen 1 version, half the cost of gen2.  If you need more AP you could go with lite version, or drop the router to sg1100, which is only $160..  Or you could go with the UAP-NANOHD  $170 for a better AP and still be at your $700 budget.

 

We could for sure throw in a $40 8 port gig smart switch and your still at your 700 budget mark.  Lots of choices with that sort of budget for a complete uplift for sure..

 

links

https://www.netgate.com/solutions/pfsense/sg-3100.html

https://www.ui.com/unifi/unifi-ap-ac-pro/

https://unifi-protect.ui.com/cloud-key-gen2

 

cheaper plan with more AP

SG1100 $160

UAP-AC-Lite 3 of them $240

UC-CK $100

 

Total = $500

 

edit:  Unless something has recently changed the amplifi stuff doesn't do vlans... To me that would be a show stopper, and anyone doing IT work I would think so too!  That might be ok for billy bob the home user.. But he says he does security..

 

edit2:

If you have more money to spend we could get a little crazy

SG5100 or 7100 if you want/need 10g

UAP-AC-SHD, which does WIPS and has airtime and airview which provides some really slick info.

 

 

 

 

 

 

 

[+Fahim S. 1,086]

28 minutes ago, xendrome said:

+1 for AmpliFi HD, Fahim S. sounds like you just got a defective unit.

The only part that was defective was the screen, but there is an order of magnitude difference in terms of how much control you get between Amplifi (virtually none) to Unifi (total control).

Amplifi doesn't do VLANs etc.

If you really want control, then Amplifi doesn't offer any more than any other consumer grade router.

[+BudMan 3,517]

So I was right the Amplifi still doesn't do vlans - that to me would be a show stopper!!

[+Fahim S. 1,086]

6 minutes ago, BudMan said:

So I was right the Amplifi still doesn't do vlans - that to me would be a show stopper!!

It's a total show stopper.  It might be made by the same company but it is a completely different grade of kit.

I sent mine back and bought a Unifi AP. I couldn't be happier with the decision.

[+BudMan 3,517]

You could also just go full unifi for your router side of it... But to be honest hands down, after playing with their USG.. While sure it can do vlans, and it can do IPS and it has some slick eye candy with DPI.. overall its clunky to work with compared to something like pfsense do even basic stuff like vlans and firewall rules.. While it does have for support for vpn.. Wow is it PITA to setup vs in pfsense, etc.

 

I just don't think your going to find a all in one sort of box to provide the feature set and coverage that someone in the field and sort of wifi devices he states is going to want.

 

And while the lite, lr, pro, shd or even nanohd do not support "full mesh" they all do support wireless uplink.. So if you he needs coverage in an area and just can not run a wire - that would be an option.

 

BTW you didn't mention your requirements for throughput on the internet side.. What is your current or near future internet speed?  This could be deciding factor in what you need for router, for example the sg1100 not really going to support gig internet.. It gets close.. but not going to get you full gig.. While the 3100 or above will.

 

[anguilla1980 18]

Thanks for the info so far!

 

Here is some more info asked for...... My ISP only offers 100Mbps at the moment. I use Cisco SG series switches currently.

 

One wireless router should cover all of the area I need wireless. Most things in my office are hard-wired with the exception of 3 laptops and a phone. My house is only 1,900 sqft and made from wood/drywall, not concrete.

 

I'll lookup the info on that Netgate (I'm used to Cisco and Fortinet) and I'm already familiar with the Ubiquiti APs. I've had issues with multiple Ubiquiti APs as they don't hand off very well, which is why I don't want to run more than 1. Also, I've had reliability up-time issues with the Fortinet APs in the past which is why I don't want to use them again.

 

It would have been nice to find a wireless router/firewall w/VPN all in one appliance since this is just a home office setup. Problem is, most of the lower-end business appliances suck for WiFi and most of the home stuff sucks for VPN and business type QoS features, hence the reason for me creating this thread.

 

 

Edited July 18 by anguilla1980

[+BudMan 3,517]

2 hours ago, anguilla1980 said:

I've had issues with multiple Ubiquiti APs as they don't hand off very well,

Have not seen this and I run 3 of them in my small home.. Smaller than yours..  And I am always running the latest beta firmware.  Have a Lite, Lr and Pro..

 

As to 1 wireless router covering 1900 sqft.. Unless it was made of rice paper I find that hard to believe.. The range of 5ghz is not far, even simple wood walls can be a killer.. Reason for 3 in my home..   But if all you want is 100mbps then sure 2.4 ghz with not even good signal could handle that..

 

Your not going to find the features you want in any consumer branded anything... none of them do vlans.. They might do a "guest" network.. But none of them are going to hand tags off to the wired interfaces.. If you run 3rd party like dd-wrt or openwrt you can get those features on some hardware.

 

As to netgate - the software is pfsense.  Free, you can run it on your own hardware if you want as well.  If you don't want to buy actual appliance.

 

edit: Just looked that logs for switching from 1 AP to another..

 

Perfect example of walking about the house and moving to different AP, here she moved from 5 to 2.4 and then back to 5.. I have walked about the house while on wifi calls etc.. and never dropped anything... So yeah have not see that issue at all.

[anguilla1980 18]

I've come across the Linksys WRT 3200 ACM for running DD-WRT, funny you mentioned DD-WRT. Would buy the booster antennas if I went this route. Any experience with that piece of hardware?

 

At the MSP I used to be CISO for, we deployed those Ubiquiti APs a ton. Many clients, we had issues with handing off. It was a huge PITA and just put a bad taste in my mouth for the product. This was only a year and half ago.

 

I don't need to cover my entire house, I don't have HD TVs in my garage. Where the ISP modem is, is a common wall with my living room and office. Made it easy to run a cable thru the wall into my office for my Cisco switch. My master bedroom and kids bedrooms not far away.

 

Thanks a lot for the info and recommendations, I really appreciate it. It's been a while since I've been in the weeds on this stuff.

[+BudMan 3,517]

14 minutes ago, anguilla1980 said:

Many clients, we had issues with handing off.

And what was the scenario?  What client(s).. Were you trying to do fast roaming, etc. etc..  See my edit... While I don't have a ton of mobile devices.  Mine and wifes phone, ipad a few laptops. My work and play one, and wifes.. These are the devices that move about the house.. Have never seen any hand off issues at all - no blips, no having to reconnect wifi... I could streaming and walk through house and hit every AP and not loose connection or skip in music, etc.

 

Depending on the AP, the Firmware - the features on and off, then sure I recall some instances of issues on their forums... But in my home - I don't recall ever having any issues like that.. Now I had a instance a while back where I had turned on their auto optimization to test with.. And it kept my nest protect from connecting.. Its not always on, it wakes up now and then to check in, etc.  Its just on battery so its wifi use is brief and to the point so it doesn't drain its battery... But yeah it wasn't able to connect for a few days until I noticed it was listed as offline in the nest app and had turn that feature off.. Haven't gotten around to messing with it as of yet to see what was the actual cause..

 

But I am always running latest beta on both the controller and the firmware for the AP.. So I would expect to see issues now and then - and to be honest in the years that have been running.. Been very smooth - have seen some performance changes as far as speed between firmwares would be the biggest thing.  Normally in the mid to high 300's when doing speed test via iphone for example..  Very happy with that performance..

 

So since you only need the 1.. Go with the nanoHD I would say and sg3100 and your way under budget!!

[Riva 1,152]

If you need great coverage you will need a router with external antenas. AC routers work great across rooms but they need to be positioned high enough. I use an ASUS RT-AC5300 and beamforming and band redirection works with some devices - not all.Also, not all clients are AC compatible. I can load up tons of devices with fast connection etc. It does everything you are asking for except multiple VLANs. It only creates a guest wifi and a lan wifi with access to devices on the ethernet ports as well. DD-WRT firmware for this router can do multiple VLANs

[Mindovermaster 1,983]

I have an ASUS RT-N66R that I set up as an AP in the livingroom, connected to my switch. Where my Mom and my niece (when she comes over) spends most of the time using their tablets. Also my Dad uses the Roku stick, too. They get good wi-fi.

[+BudMan 3,517]

19 hours ago, Riva said:

AC routers work great across rooms but they need to be positioned high enough

Great would be a matter of opinion, and you sure your client is not switching to 2.4 when in the other room?

 

Simple enough to test look at your signal strength for your 5ghz signal, then go into the other room and check the strength.. Many clients will choose the higher strength 2.4 once the 5 drops below a level..

 

Another simple test is to turn off 2.4, test your speed test when near your router, then go to the other side of house and do the same test.  I if you get the same speed in all area's of your house then yeah your good.

 

My main AP (the pro) is mounted in the ceiling in the pretty much center of the house.. the other is in the guest room, and the other LR is in kitchen near my patio door to better cover the patio.

[Riva 1,152]

29 minutes ago, BudMan said:

Great would be a matter of opinion, and you sure your client is not switching to 2.4 when in the other room?

 

Simple enough to test look at your signal strength for your 5ghz signal, then go into the other room and check the strength.. Many clients will choose the higher strength 2.4 once the 5 drops below a level..

 

Another simple test is to turn off 2.4, test your speed test when near your router, then go to the other side of house and do the same test.  I if you get the same speed in all area's of your house then yeah your good.

 

My main AP (the pro) is mounted in the ceiling in the pretty much center of the house.. the other is in the guest room, and the other LR is in kitchen near my patio door to better cover the patio.

I keep my router on 5G mode only

[+BudMan 3,517]

26 minutes ago, Riva said:

I keep my router on 5G mode only

Must be nice - many iot devices do not support 5.. Which is only reason I still have it on.

 

So be curious to see your signal strength from one side of the house to the other, and speed test.

[Riva 1,152]

 

3 hours ago, BudMan said:

Must be nice - many iot devices do not support 5.. Which is only reason I still have it on.

 

So be curious to see your signal strength from one side of the house to the other, and speed test.

In all fairness it does drop across 4 walls but it is still aceptable. I used to run a powerline to my desktop but the data rate and constant resets became annoying. I opted in for a PCE-AC68 wifi card which solved my issue. To my surprise I can sometimes get reception in the garden, 25 meters away but I need to be standing in line to the route.

Another problem is the number of wifi networks near me.

I believe AX wifi routers (With non existent AX clients) are even better over walls

[+BudMan 3,517]

4 hours ago, Riva said:

but it is still aceptable

To who?  You?  Ok sure that is fine for you.. But some of us actually like good connections.. To you it might be GREAT... To me it might suck balls

 

5ghz doesn't work good through walls - this is not news   For "you" your router in the corner of your house that allows your client on other side of the house to use the internet at 5mbps might be fine.. etc..  To me if the wifi is not FULL speed everywhere then its sucks!!

 

Users accept this sort of connection because they don't know any better is the only thing I can think of..

4 hours ago, Riva said:

sometimes get reception in the garden

Sometimes??  WTF is that?  Yeah that would BLOW!! it works 100% of the time or it SUCKS! 

 

This is my whole point.. Sorry but a single wifi router in some corner of your house is not going to provide GOOD wifi.. Its just not..

[The Dark Knight 267]

I recently bought a UniFi AP Lite for my house. Seriously blown away by its performance! Especially since my house is solid stone and brick, even for the inside walls. I had 4 old routers placed all around earlier serving as access points, all of which are now in cold storage! Although in some of the rooms it does drop to 2.4 Ghz, which is fine with everyone else in the house, but not me. I'm going to be getting another Lite in a couple of months which will give me great 5 Ghz WiFi in my whole house.

[Riva 1,152]

9 hours ago, BudMan said:

To who?  You?  Ok sure that is fine for you.. But some of us actually like good connections.. To you it might be GREAT... To me it might suck balls

 

5ghz doesn't work good through walls - this is not news   For "you" your router in the corner of your house that allows your client on other side of the house to use the internet at 5mbps might be fine.. etc..  To me if the wifi is not FULL speed everywhere then its sucks!!

 

Users accept this sort of connection because they don't know any better is the only thing I can think of..

Sometimes??  WTF is that?  Yeah that would BLOW!! it works 100% of the time or it SUCKS! 

 

This is my whole point.. Sorry but a single wifi router in some corner of your house is not going to provide GOOD wifi.. Its just not..

In all fairness I am considering an extender for the garden but the entire house is covered just fine.