Advices for a new router

Hello good people!
I am in need of a new router, the ISP router is a 3 in one solution -ONT -router/switch - WAP.
As one can imagine, it runs poorly to say generously. WiFi drops, the unit heats like a pan, internet acces sometimes drops.
So, I documented all above problems, the culprit is cleary the router.So I asked for monet from the finanace deaprtament and they allow me a budget. But comes with a catch.
The firm is having a trust relationship with an IT consulting firm and their top guy called me and adviced me to get a router.
He said" Pick any router, but be sure it’s Mikrotik".
I was a bit baffled, but he explained : Make sure you spend less time managing, administrating one device, because for sure you are needed in more places at once. Also, the main reason is that the MikrotikOS allows to import a configuration file from other device and can run exactly as intented.
This feature sold me in case of router failure.
So, anyone here with experience in MikrotikOS or router boards can advice me what model I need for the following:

  • List item

WAN failover - will have 2 ISP
GPRS/4G - a back-up connection in worst case scenario
VLANs
ProxySquid
VPN
Around 200 connections (futureproofing) now just 30-40.

However, this isn’t set in stone. If someone has a tip about a router who can do the same, or better, why not.

My preference is for pfsene or Untangle with Untangle offering better filtering and reporting but has an annual recurring cost. pfsense is 100% open source and free, but does not have good web filtering (just basic Squid) and pfblocker. Here is my Untangle review: https://youtu.be/WYhOgQ8JyYI

Here is my Untangle VS pfsenes https://youtu.be/G8Kw7E1tuc8

As for Mikrotik, I feel they are overly complicated to get setup and working.

3 Likes

If router failure is an issue simply buy two routers !
With pfsense you can just load the config to the second unit too.

If you don’t know pfsense then the learning curve might be steep.

Great videos, and I completely agree that some features are great in pfSense and some are great in Untangle.

I have been using pfSense as main edge gateway router followed by Untangle in bridge mode for a few years now. IMHO it is the best setup these products can provide.

Perhaps an idea for another YT video? pfSense + Untangle.

3 Likes

I am not likely to do a video about that because it is not something that we would ever really use. Most of my videos are about things we use in production or some lab videos for testing.

I would add Fortinet to the list of products to consider. The 60F would likely support all of your requirements.

Fortinet has a history or really poor security practices so I avoid them.

In my view it is similar to a firewall shipping with a default username and password. You should always generate a new key when you get a firewall. Same with changing the username and password. If that is done how much more insecure would the firewall be than other options?

The hard coded keys required firmware updates and because the code is not open source you have to wait for them to compile new versions.

The worst of their bad coding practices was broke down here using CVE-2018-13382 “The magic backdoor”

IMO, untangle home is awesome! I am going back to Untangle with the Home Pro license for 50$ a year. Currently have the Mikrotik RB4011 and like it but like LTS_tom said they are very advanced and not easy to use. They arn’t hard but but it takes some thinking for how they work, and IMO they are a router nothing else that’s it, kinda like Pfsense.

I’ve been a Untangle fanboi for 10+ years, and keep going back to it. My new Box arrives today. I shal post pics and a write up about it today.

Thanks Tom for all your reviews and videos. I’ve managed to conf my pfSense by reading, and following your videos, great way to get started. So far it’s working wonderfully with my home network. I don’t require a whole lot, two networks, LAN and WiFi (ioT). I currently have Snort and pfBlocker NG along with a few other packages. I’m considering replacing Snort with Suricata, more so I can learn more, also watched the video on that. I’ve also setup another box with Untangle (I have two WAN connections through my ISP). Untangle seems good once the initial setup and if you pay $50. My WiFi is setup using TP-Link Deco 20X (set of 3) in bridge-mode on the pfSense network, (I’m on a hide from the wife budget). So far, everything is running great with pfSense and and the WiFi network. Since you have experience with both pfSense and Untangle, paying $50 US (about $75 CDN) per year, is Untangle worth the yearly cost? I did watch your video, but I’m still kind of on the fence which way to go. I’m retired, so do have the time to learn and keep things up to day.