Best wireless router / firewalls

hardtech · Dec 27, 2016

Hi,

My office is currently connected to internet using LINKSYS E1200 v2 DD WRT router. It hangs up almost at same time everyday around 1pm. and i have to restart it to work again... Any solution for this to be solved? I guess upgrade for same firmware is not available.

I am also trying to replace this router with a better one which have a higher wireless signal (ground floor and 1st floor) around 27 users. 1) Please suggest a good router with wifi... 2)Is it good to go with a firewall and another wifi device ? INCOMING INTERFACE SHOULD BE RJ45

jsmithepa · Dec 27, 2016

I never like router + WIFI in one box. Because this configuration tend to put the WIFI radio in a corner of the building when the WIFI radio should be in the middle of the building. So now you don't have to ask me what's better.

My own next upgrade, I want a rule-based hardware firewall (Internet Appliance?) with Internet Load Balancing (QOS?) so nobody can start a huge download and slow down everybody else. WIFI Access Point, its sole function, place it anywhere there is an ethernet jack. Update to WIFI technology? just replace the AP, not touch anything else.

dgingeri · Dec 27, 2016

Use an old or low end (Intel Atom or AMD A4, I use an AMD A4-5200) PC running pfSense for your router and use a separate wireless access point. This allows you to secure your wireless by getting an AP without WPS (HUGE security hole!) and upgrade it later as wireless technology advances without having to replace and reprogram your router. You can even keep multiple wireless APs up with different technologies to keep from having to reconfigure old wireless hardware. I recommend Xclaim wireless APs. They're expensive ($89 on the low end, $249 for a 6 channel AC version) but very secure.

Wireless AP: https://www.amazon.com/Xclaim-Single-Band-802-11n-Indoor-300Mbps/dp/B00OZ9IP6I/ref=sr_1_2?ie=UTF8&qid=1482876772&sr=8-2&keywords=xclaim
or: https://www.amazon.com/Xclaim-Dual-Band-802-11ac-Indoor-1-167Gbps/dp/B00Q5PG3KA/ref=sr_1_1?ie=UTF8&qid=1482876772&sr=8-1&keywords=xclaim

Router hardware: https://www.amazon.com/Firewall-micro-appliance-Gigabit-pfSense/dp/B01KLEI1MI/ref=sr_1_10?ie=UTF8&qid=1482876838&sr=8-10&keywords=pfsense+router

c0rr0sive · Dec 27, 2016

I second the PFSense route and using multiple wireless AP's... Tons of options in PFSense to help control your network, as well as packages to create web-filters to prevent employees from visiting the likes of 9gag all day every day. But, it has a learning curve that most wont find enjoyable.

dgingeri · Dec 27, 2016

For the basics, pfSense is very easy to work. It takes minutes to build a secure router with DHCP and DNS. It takes about an hour to get IPv6 working. The more advanced features do take longer to learn to install and configure, but they can be done later.

c0rr0sive · Dec 27, 2016

*shrugs* for basics yes, for me, never could get IPv6 operational, I can thank my ISP for that one. I just don't see the point of deploying PFSense if you want the "basics" though.

dgingeri · Dec 28, 2016

The point of pfSense just for the basics is specifically for security. It's ten times as secure as an off the shelf router without any extra bells and whistles.

X79 · Dec 28, 2016

Get a Turris Omnia. It's better than most of the other junk.

nigelivey · Dec 28, 2016

Pfsense for basic use isn't worth the bother, I would question the claim that it's 10 x more secure than anything else and I'm a Pf user in the commercial space but fanboism isn't my thing.

c0rr0sive · Dec 29, 2016

Yeup... There are plenty of good secure devices out there, to me, straight out of the box, PFSense is no more secure than any other router like device you can buy. It's all in how you have configured and secured it that sets it apart.

dgingeri · Dec 29, 2016

pfsense is much better than off the shelf routers, even at its most basic. Every single off the shelf router has a major vulnerability that pfsense doesn't have: long delays to fix security issues. Every time a vulnerability is discovered in off the shelf routers, it takes manufacturers months to get a fix out. Half the time, they don't even bother or don't even hear about it. The most recent issue with Netgear's routers shows that. pfsense is maintained by a community of dozens of people "on the ground" and using the product, not some remote executive in charge of a department that doesn't ever touch the product and 3 or 4 engineers and half a dozen testers. The pfsense guys fix the issues quickly. They also test and find the issues quickly.

On top of that, pfsense is based on OpenBSD, which is extremely secure to begin with. Most off the shelf routers are based on Linux, that doesn't use the same security mentality in its design as OpenBSD.

Finally, when was the last time you had an off the shelf router that didn't have to be rebooted at least once a week? The last 3 I had had to be rebooted daily because they'd keep locking up. pfsense can be built with hardware that doesn't have that reliability problem. A pfsense VM on a server never has to be rebooted unless the server itself does.

dgingeri · Dec 29, 2016

If you want more reasons why pfsense is better than off the shelf routers, take a look at this:
https://forum.pfsense.org/index.php?topic=97548.0

From the people that use it and support it.

dgingeri · Dec 29, 2016

Here's something else to consider: http://arstechnica.com/gadgets/2016/01/numbers-dont-lie-its-time-to-build-your-own-router/

The article is kind of old, and the guy uses a Ubuntu server instead of pfsense or opnsense, which are more geared to being a secure router, but it still shows significant advantages in performance of a "homebrew" router over an off the shelf router.

nigelivey · Dec 29, 2016

dgingeri :

Unless you go and by a Sonicwall or Cisco off the shelf? There is a reason why those with proper security concerns don't use open source distros. As stated I'm a regular user of Pf but its not without its flaws and glitches, you claim it never has to be restarted unless the server does but that simply isn't true, Pf does lock up and CARP doesn't always save you. If security was a huge factor you would use a stand alone appliance not a VM. The fact that bugs are regularly fixed only means there are regular bugs found. There were 60+ bugs fixed in the latest release 2.3.2. So whilst I'm a fan, sweeping statements about how great it is aren't really that helpful.

dgingeri · Dec 29, 2016

I'm not talking a VM off something like virtualbox or vmware player. I'm talking a VM on something like Hyper-V or ESXi Hypervisor, where the VM's access to the internet could be completely isolated to just the VM, while other VM servers could exist on the same host using the same network connection to the internal network as the pfsense VM. Done right, a VM router can be the most secure option there is, even due to its nature as a VM. (A VM could be snapshotted at a known good point and restarted from that snapshot in seconds if compromised.)

As far as Sonicwall or Cisco routers, they aren't as secure as they like to say (I know from direct experience on both brands), and they are extremely expensive and difficult to configure compared to pfsense or opnsense. Pfsense and opnsense could match them for security, while beating them on manageability and price.

nigelivey · Dec 29, 2016

dgingeri :

I'm not talking a VM off something like virtualbox or vmware player. I'm talking a VM on something like Hyper-V or ESXi Hypervisor, where the VM's access to the internet could be completely isolated to just the VM, while other VM servers could exist on the same host using the same network connection to the internal network as the pfsense VM. Done right, a VM router can be the most secure option there is, even due to its nature as a VM. (A VM could be snapshotted at a known good point and restarted from that snapshot in seconds if compromised.)

As far as Sonicwall or Cisco routers, they aren't as secure as they like to say (I know from direct experience on both brands), and they are extremely expensive and difficult to configure compared to pfsense or opnsense. Pfsense and opnsense could match them for security, while beating them on manageability and price.

My point being relevance, the OP is swapping out Linksys not building a data centre, having a techoff offers little to solution.

dgingeri · Dec 29, 2016

That's another nice thing about pfsense and opnsense. They're scalable, to a certain extent. They'll run on an old PC someone might have sitting in the basement for the last 10 years or on a brand new dual Xeon E5 36 core server. OK, so it is preferable to have dual core and at least a 1GHz processor and well as a system with 2 NICs, but left over hardware is still far better than buying new.

They're even able to be put as one VM on a home server running a free version of VMWare's ESXi Hypervisor with a network file share and media server like I had running before my last move. (I still haven't reassembled it to get everything back up and running. Running my old AMD A4 pfsense router right now, which I never had to reboot for the year and half I had it running before the VM. Now it has been running for 3 months in my new home without a reboot.) That flexibility would allow anyone with an old PC to have some sort of solution to having a secure router instead of the crap they sell off retail shelves.

nigelivey · Dec 29, 2016

dgingeri :

Yeah, you obviously missed my point. I have been using Pfsense in the commercial space for nearly 8 years, there isn't much you can school me on be it Cisco, Juniper, monowall, Sonicwall, Pf, and MikroTik, I regularly deploy Ruckus, Ubiquiti, Meraki and Aruba equipment. You are preaching to the converted. This still isnt helping the OP.

c0rr0sive · Dec 29, 2016

t. They'll run on an old PC someone might have sitting in the basement for the last 10 years

Yeah... I wouldn't do that, and 2.3.3 when its released will be the last version to support x86. So unless you wanna run PFSense on power hungry 10 year old hardware, be my guest?

Best wireless router / firewalls

Honorable

Polypheme

Distinguished

Reputable

Distinguished

Reputable

Distinguished

Honorable

Splendid

Reputable

Distinguished

Distinguished

Distinguished

Splendid

Distinguished

Splendid

Distinguished

Splendid

Reputable

Share this page