Consider swapping the Fortigate 60C with a router and adding 2-3 access points for better connectivity.
Consider swapping the Fortigate 60C with a router and adding 2-3 access points for better connectivity.
I handle IT tasks and am relocating next month. My setup now includes a Fortigate 60C with a failing fan that was always loud. I installed DDWRT on an Asus router and used it as a wireless access point with VDSL2+ modem—it's still working. In my new home, I'm connecting CAT7 cabling and using a small 6U networking closet for the modem, router, and NAS. Wall outlets are available in nearly every room. It's a single-story apartment with concrete walls.
I need:
- A solid router (not just an AP) that supports IPSec
- Ability to create tunnels for testing home VLANs, IPv4 policies, PPPOE dialing via the DrayTek modem
- At least 1 Gbps switch built-in
- PoE capability (quiet fans preferred)
- DDNS.net integration
- Internal logging features
- Two to three PoE access points (no need for a constant controller like Ubiquity)
- AC support up to 2.4 GHz and 5 GHz
- VLAN management with multiple SSIDs (for IoT devices like smart bulbs)
- Discreet hardware—avoid bulky ASUS units; wall or roof mount preferred
- Stability for long-term use, not something I have to constantly configure
Network performance: Only 100 Mbps down and 3 Mbps up via VDSL2+. Local file transfers are frequent. I want to build a reliable home network without overspending on enterprise gear. I’m familiar with Fortigate and MikroTik but not typical home networking equipment. Any suggestions would be great!
Just wanted to explain that Ubiquiti APs require only a controller during initial setup—you can install it on your PC, phone, etc., and once programmed they operate mostly automatically. You only need the controller continuously if you want logging data (if you already have a 24/7 running lab server, you can use the Unifi Controller as software). You won’t need a cloud key like with the Ubiquiti cloud key. For firmware updates, the controller must be active, though you don’t have to manage it manually via SSH. Regarding routers, consider the Ubiquiti Edgerouter 4 or Lite; it lacks built-in switches. I’m not sure what IPsec throughput you’ll need, but I doubt consumer brands would meet your expectations in features.
I chose Mikrotik for its affordability, but if you need good wireless options, Ubiquity is the better pick. I have some sites running on Mikrotik APs that work fine.
At my job, we primarily rely on Ubiquity for internal networking. I really enjoy it—it's straightforward to learn and their support is quick when I can't find useful forum discussions or help articles. Since I have no prior experience with Mikrotik or Fortigate, I can't make a detailed comparison.
We use all three Ubiquiti solutions effectively. Wireless excels, while Fortigate offers strong power with robust licensing for firewalls and deep packet inspection. Mikrotik provides exceptional capability but comes with a challenging learning curve.
That's helpful to know. I initially believed a controller was essential. I also received ideas about using a PFSense box on a small factor PC with two 1 Gbps NICs... I'll search for a used FortiGate. Most people rely on older models as a backup in case the main unit fails before warranty replacement. Anyone has any experience with the TP-Link Omada EAP225? It's significantly cheaper than Ubiquity. Thanks for all the advice!
A PFSense unit would be ideal. Alternatively, you could purchase a ready-to-use PFSense router from retailers like Netgate, though they aren't very affordable. Those TP-Link APs are quite impressive and offer good value for the price. I haven't seen them before.