Searching for a new router.
Searching for a new router.
Hello, I’m eager to purchase a new router for my parents’ home. Right now we’re using a router supplied by the ISP (Telekom – Speedport W724V), which has limited capabilities but served us well enough. I haven’t considered upgrading until now. The main reason I want a different model is that I set up a NAS and experimented with web servers on my Raspberry Pi. My domain is linked to the router, which forwards requests to the devices. This setup works fine for external traffic, but inside the router it blocks access to itself, likely to prevent NAT loopback. Since I can’t turn off this security setting, I’m unable to reach my devices using certain domains. I’ve heard some users manage to disable this protection for specific domains, but because data appears to go through the router twice, it could become a performance issue when moving larger files.
I’ve configured a DNS server on my Raspberry Pi, which operates smoothly and redirects sub- or internal domains to the correct IP addresses. However, changing the router settings is tricky—currently I’m stuck between “Telekom” and other ISPs in the menu, which blocks some support features I don’t need but might be useful if needed. Even if I manage to adjust it, I can only change the IPv4 DNS server, and since most home devices are IPv6 ready, reverting back would be unnecessary.
I’m also exploring alternatives. I found two reliable brands in Germany, though I’m unsure if prices or features match those in the UK or US. I’m open to suggestions about other models that could work well. I’m uncertain whether it’s safe to change the router now, fearing my ISP might react negatively, especially since my parents cover the monthly cost. Additionally, I’m concerned about older phone adapters connected to the router—20 years old—and worry they might interfere with the ISP’s “Entertain” TV satellite receiver that also has internet functionality.
My current plan is to set up a double NAT: connect the ISP router to the internet and the new router to the ISP router. I’m considering options like FritzBox 4040 or Ubiquiti, which have good performance and software flexibility. I’d prefer an integrated solution with a Unifi controller, possibly using a security gateway. The USG lacks built-in Wi-Fi, so I’m thinking about disabling it on the ISP router to ensure devices can reach the DNS server. Or perhaps extending the ISP router’s Wi-Fi coverage to include all devices? I’m also curious about adding another access point if needed, though that’s not my main concern here.
My ideal new router should offer:
- Extensive software customization
- Strong performance
- Compatibility with Unifi controller
- Affordable price
- Simple setup and reliable stability
- Basic security without unnecessary features
- Suitability for smart home devices and Wi-Fi coverage throughout the house
I hope this thread helps clarify things and gives me some practical ideas. Thank you for your assistance!
You look capable on the network side, so PFSense on an older desktop seems like a solid choice. It offers nearly all the settings you might need, except for real-time deep packet inspection—which would need powerful hardware. It’s free if you already have an old machine and a spare network card. You could save the money to buy another Ubiquiti AP and then arrange your setup as Internet → ISP Modem/Router (WiFi off, though I’m not sure NAT can be turned off without affecting satellite receivers/phones) → PFSense → Ubiquiti AP, keeping everyone satisfied. The only trade-off is more time spent configuring and no compatibility with unified messaging apps.
I fully align with sazrocks. I deploy pfSense both at home and in the office. At home it runs on an older dual-core setup with a few RAM modules and a second network card. In the workplace we use a compact device from Netgate. Both systems have proven highly reliable, and pfSense also integrates excellent extensions like bandwidthD and Squid.
I actually have an extra computer available. The issue with this choice is that the device consumes a lot of power, makes noise, and takes up space, making it impractical to keep it running constantly. Even though I generally favor homemade fixes, in situations where my errors impact critical systems like my internet connection (which I rely on), and since I’m not at home often, I’d rather avoid any risks. This might seem a bit extreme, but I’d prefer a more reliable option here. Any other recommendations?
Consider Pfsense devices for better performance. It runs smoothly on various hardware due to its Linux foundation. On Amazon, you'll find affordable, minimal-power security appliances that can host Pfsense.
I captured a snapshot of the PFsense device’s dashboard for your reference. The interface is neat and packed with many features.
There are several minimal setups that operate PFSense or even those already equipped with it. Besides that, Ubiquiti’s edge routers appear to be another viable choice, though they may require (AFAIK) Unifi support at a price and lack AP functionality. I’m clearly steering clear of all consumer routers, since they’re far from solid in routing performance and pose many security risks—like the possibility of appending malicious commands to router URLs and executing them as root on Linux systems, which is common with some Netgear models.