Configuration : I am planning to make five VLANS:
VLAN 10: Employees (Bandwidth limiter 10mbps).
VLAN 20: Managing Directors and their printers.
VLAN 30: CCTV Devices and NAS for storing footages.
VLAN 40: Guest WIFI which only have internet access(Bandwidth limiter 1mbps).
VLAN 50: Linux Server.
Currently we are having a 50mbps up/down plan and planning to buy a one more line of 50mbps and load balance them.
That TP-link box isn’t a router, I’m pretty sure, it’s a box for spinning up VPN servers.
If you are getting paid for this, then it looks like you have a good opporunity to learn too.
No idea what your knowledge or budget is, but it might not be enough to get operational.
I’m with @BoatYardJunkie pfsense might be a better option you can install it on your own kit, though it will be challenge to support it if you are not already using it. Those MDs will be shouting at you !!!
LOL your guest wifi will suck, oh boy you better also setup a guest wifi for MD’s guests or they’ll be kicking you in the balls !!!
The traffic shaping options in pfSense are really cool, you can baisically use all your bandwidth all of the time, your approach is less optimal. Those employees will also be kicking you in the balls. In pfsense you can easily simulate what a 10mbps connection feels like, lord browsing sucks unless you have adblocking, and all other crapola blocked.
While I don’t use unifi, it seems their interface is better, go with them including their switch.
Give yourself a break and rescope your project, try and increase your budget !
I am beginner and do not have much knowledge about the things.
In our area we can only get 50mbps connection all in all so I do not have any option beside of controlling the bandwidth of guest and employees. And it is a Pharma company so they does not need much bandwidth to do things, Most of their software and all works on local Linux server.
Pfsense devices are not available in our country so I do not have a any other option than Ubiquiti .
One more question : Is edge router lite good or edge router X ??
If you are starting out, you have a lot of reading to do !
I don’t use Unifi, but in your situation it’s the way to go. I’d suggest reading the product manuals for device you intend buying they usually detail the units capability, it will be tricky to discern what it doesn’t do.
I had tried to install pfsense and it worked successfully but I am looking for a small device and can get some support from that company so if i got stuck anywhere so i can contact them
Does your ISP supply a router?
What type of connection is it (Cable, ADSL, VDSL)?
Is your server virtualised?
If you have a router from your ISP then I assume you are looking to replace that with a better one (as the ISP supplied ones are normally junk). Draytek make some excellent routers that support multi WAN and VLANS and I think will allow you to do rate limiting although as @neogrid said, that might not be the best plan in reality, QoS is probably a better solution.
If you have a server and it isn’t virtualised then I would recommend virtualising it, you could then run pfSense as a VM although lots of people do not think that is a good idea. It’s fine, it works, I do it all over the place but it is arguably “better” to run it on netgate hardware. Given that negate hardware is not available to you running it on your own hardware or in a VM is a sensible option.
If you go with the pfSense option it would be worth doing another couple of vlans for WAN1 & WAN2 so you can plug the ISP router into the switch and then get it to pfSense rather than using a dedicated NIC on the server.
Where in the world are you? Could someone ship you a netgate box or would that be costly because of tariffs?
Yeah that’s implementation / consulting stuff ! Netgate do sell support packages, no idea what is included but I wouldn’t imagine it includes implementation.
MD’s act like children, so you can easily imagine when you changeover they will be screaming when internet access is slower with double the bandwidth ! You didn’t mention your upload speeds, but if they are low you might have the issue that acknowledgements are slow which results in your download server throttling the speed. This can happen if your ISP connection is asymmetric. Just something to keep in mind when making promises.
No issues with virtualising the router but when you are troubleshooting it’s now two things to consider.
My isp provides me connection through cable pppoe type and I had finally orderd the edge router lite 3 I think it will make some sense for me.
I am from India and to get netagte stuff taxes go high more then the cost of product.
To run things in VM I do not think it will be a good option because in future if i am replaced and the next person is not able to handle things then ?
So i had researched a lot about erl3 and a dealer was giving me at a good price with 3 years of support so gone for it !!
I wish you luck with the Edge Router Lite, I have used the edgerouterX and was not a fan. Price point is awesome, until you go to configure it. It is not the easiest thing to configure, and it very quickly for me became something that I hated working with. Play close attention to the firewall rules to ensure your connection is secure.
I would also echo the PFSense option. I realize you can’t get netgate locally, I would recommend something like Protectli (https://protectli.com). I use these in several locations and they should have no issues handling the 50mbps+50mbps connection requirement. You could still get pfsense support even though you don’t have a netgate device.