Hello all… I need help in moving away from Cisco. Here is my current setup…
Cisco Meraki MX64
Cisco MR33 (Qty 2)
I would like to replace the above equipment with some that does not require annual licensing fees. I am not partial to any company, but would like some suggestions as to where to look. I know Ubiquiti is very respected on these forums, but I’m not sold on their VPN solutions or firewalls. If I am misinformed, please feel free to let me know. Here are the details of the company…
22 onsite users (all hardwired)
2 Access points (1 upstairs and 1 downstairs)
10 users using VPN to access the server from home
Need guest access for wireless network
Phones are VOIP (25 total) but are on a completely separate network
ISP Speed 600 Mbps
If more information is needed please let me know. It’s been quite a while since I have had to make hardware changes, but finally have the go ahead to start looking. Thanks in advance for any and all help.
Most people on this forum use pfSense, and with that said I would recommend pfSense. It will be able to handle everything you are inquiring about: traffic shaping for VOIP and OpenVPN (also L2TP and IPsec). Now, finding the right hardware and budget I’ll let you decide.
You may want to check out Fortinet since they are much cheaper than Meraki and will have firewalls that won’t bottleneck your 600 Mbps.
It really sounds like you are wanting to make the switch purely for cost reasons. One of the reasons an org your size would choose Meraki is for the simplicity in both setup and in management. That means looking at the cost not just from a licensing perspective but also from a man-hours perspective. I bring this up because the way you framed your question suggests that network management is not your primary function, which means even if you go pfSense, Fortinet, or Ubiquiti you will still have annual support costs on top of the potential increase in man-hours. As much as I like removing Meraki equipment since the Cisco acquisition, if you are more of a set-it-and-forget-it person this is one area where they still shine. You could also consider Fortinet, which will allow you to control the firewall, Wi-Fi, and switching through a single management pane as you are used to with Meraki, so the learning curve wouldn’t be as steep.
pfSense (as @xMAXIMUSx said) + Ubiquiti all the way for me but with the concerns that @sdfungi raised.
Maybe grab a Cloud Key Gen2 and 2 AP-AC-Pro. The Cloud Key will just work for the most part (set auto updates); maybe schedule a task to drop on it once a month and take a backup.
I’m a fan of pfSense as a VM so depending on your server you could go down that route rather than a hardware device. Hardware is arguably more reliable but in my opinion VM is easier to make redundant and to have a “spare” bit of kit that will run it.
Either way you need to learn pfSense or hire someone who does. The pfSense docs are good as are Tom’s YouTube videos so maybe start there and decide if that looks like something you want to take on.
Can’t agree more… We have pfSense, Ubiquiti, a TP-Link managed switch and a UniFi edge switch, and it’s a nightmare setting it up. We barely just made it work for now…
Thanks for all the info. I’ve started looking at Tom’s YouTube guides and I can see where I will be spending much more time watching his videos. I really do appreciate all of the feedback and suggestions. Y’all are great!!