Searching for updated networking gear – gateways, firewalls and access points.
Searching for updated networking gear – gateways, firewalls and access points.
Hey there! I’ve got a bunch of Meraki equipment at home thanks to the webinar giveaway (thanks for the free stuff!). Right now I’m using an MX64 Gateway MS220-8P with a PoE L2 Switch and an MR33 AP. The Meraki license for these is about to expire, so I’m on a 30-day extension—20 days left. I’m searching for alternatives, preferably entry-level or prosumer options. I mainly need the Gateway and the AP; the Switch isn’t really in use (besides the AP), and I have some older Gigabit switches that don’t meet my needs. I also have a TP-Link Archer C9 router, which works fine for Wi-Fi but uses outdated AC tech. My basement is small, so LAN speeds haven’t been great even with the MR33.
I’m after devices that support:
- Hosting a VPN server directly from the firewall or router’s dynamic DNS (preferably built-in)
- Basic intrusion protection (IPS would be nice if possible)
Budget-wise, I’m open to anything affordable but still enterprise-ready. I’ve thought about UBNT products before—EdgeRouters and Unifi APs—but haven’t found a solid pick yet. The Dream Machine was on my list, but the non-Pro version seems slow with security features, and the Pro model is way too pricey. I’m not tied to UBNT, just looking for what others recommend.
If you have any ideas or suggestions, I’d really appreciate it!
I really enjoy untangle. It's straightforward to operate. The interface is clean with many filtering choices. The free version works well, or you can pay $50 a year for the full home version with a complete web filter, plus L2TP VPN and other advanced tools. I appreciate the Unifi APs; they all function nicely. There aren't any powerful machines in this price range that fit my setup without monthly charges. The TP Link Omada seems to be the best option available.
Thanks for the details. I'll review those products carefully. It seems I probably won't need more than one AP, so the setup shouldn't be too complicated—if I secure the Unifi AP, I might host my own controller using a VM.
I'll take a look—thanks. The standard home version costs $50 per year, while the advanced home version is $150 annually. $50 a year (USD) seems reasonable if it fits my requirements. I’d rather run an appliance than use it as a VM, though the VM can help with testing. Great. I’ll probably try the AP in any case.
The Cisco ASR9922 and 8818 models might be in question, but I'm keeping it light-hearted. Without the licenses, I'd miss my Meraki devices because of the costs. For a more budget-friendly setup, used gear from eBay or platforms like Unifi or Mikrotik could work well if you're looking for an enterprise-friendly option.
I’d still be using the Meraki gear unless the licensing fees were too high. For a home or office business, it makes sense, but for personal use… not so much. I probably won’t use Mikrotik anymore. We have several at work, and I really dislike them. The controller feels like a clunky AP add-on that was tacked on, and we often have to restart the AP to maintain good performance.
It seems we encountered a few challenges. We only have two generations of their APs, and the older ones only support Passive PoE which doesn't meet the standard PoE specs. This means we can't use our HP Aruba PoE switches; instead, we need a simpler PoE switch from Mikrotik. The biggest issue is the controller—it's difficult to adjust settings, as the interface is very poor and requires constant searching for the correct options.
UDM "Base" delivers a baseline speed of 850Mbps when IDS/IPS is active, yet if it struggles with numerous APs and clients, each device can easily overwhelm a gigabit connection. I suggest Untangle as the leading option for routers, and PFSense as a secondary alternative. Both can be set up on ready-made hardware or customized for your own x86 system—your pick of the hardware or a third-party "router appliance" such as Protectli works well. Unifi APs remain a solid option. Many other brands are now offering strong performance too. I’m particularly fond of Ruckus Unleashed, though it only makes sense for home use if you purchase used from eBay. I opted for Ruckus because of my familiarity with the technology and their patent on antenna-based beamforming, which offers clear advantages over radio-based methods most competitors use. Ruckus APs are considered the gold standard, serving as a benchmark for all other WiFi 6 APs and clients. Mikrotik hasn’t updated CAPsMan significantly in years; I retired a long-standing hAP-AC setup there in favor of the Ruckus configuration.