Announcement

Collapse
No announcement yet.

Suggestions for Networking Equip to go with PFSense Firewall Appliance

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Suggestions for Networking Equip to go with PFSense Firewall Appliance

    To set the stage, I currently have internet service with Suddenlink. I have been renting an Arris Cable Modem/Router (includes WiFi) from them. I recently was given a Netgate SG-1100 PFSense appliance that I want to use as my router/firewall. Downstream I have a Netgear 16 port Gigabit managed switch (8 ports POE). I need to get a cable modem and a WIFI access point.

    There are plenty of lists on the internet for "compatible" Docsis 3.0/3.1 cable modems. However I would like to hear suggestions from anyone on this piece.

    Then I need to get a WiFi access point. Again to set the stage we live in a single story 3B2B 1400 sqft home, so I don't have a huge area to try and cover.

    I can make my own and have been slowly wiring the house with Cat6 cable but still have a fair amount of WiFi requirement. We both have cell phones and Kindle tablets. We have 5 Amazon Dots scattered around the house. We both have laptops. There is a Brother MFP, TV, etc etc. As I said some of this will go wired when I get the wire run to it but in the meantime it will be wireless.

    Goal would be to try and purchase equipment that will be long lasting and as future proof as is reasonable.

    Would love to hear suggestions.

  • #2
    Here have done my networking a la carte using XFinity (Comcast) always (last 20 years now) purchasing my modems and using WAPs and PFSense (long time ago it was Smoothwall).

    Here is a list of what I am using today and just finishing a second set up in a family members home with same.

    1 - Arris SB6190 modem (purchased two of these) - Costco openbox for less than $50. Historically have used Motorola Surf Board modems.
    Never have had an issue relating to using the Motorola modems. I have read about an issue with the Arris SB6190 but not seen it with my stuff.

    hxxps://www.classactionlawyers.com/puma6

    2 - Recently have switched over to using openstock discontinued Ruckus WAPs from Ubuiquiti WAPs. These are more commercial type WAPs versus a home style WAP and made to last forever. You can purchase the old Ruckus R500 now for around $50 as it has been discontinued. I have one mounted in the main floor coat closet sort of of center of the two story home and have no issues with it.

    3 - PFSense box with 6 Intel Gb NIC ports. .I use a second WAN cellular failover line. 4 LANs on a Haswell chipset with 8Gb of RAM. Second box is a Quotom with 2 NIC ports. Both are connected to a GPS / PPS for timesync. BTW only access home LAN via VPN. No ports are open at this time (years now).

    4 - I am currently 3 24 port managed switches. (> 3 years now). TP-Link with passive heat sinks. One is mounted inside of a Leviton 42" media panel. 2 are in the server rack.

    5 - I have upgraded most of the old cat5e cable now to cat6...but really not needed. It is easier to run cat5e cable and it works fine with Gb.

    I have 15 tabletop touchscreens scattered around the house. Some are Gb POE connected and some are wireless today. No issues.

    I utilize Ubuntu (prefer Ubuntu over Android for KODI) KODI boxes on all of the TVs today and they are Gb connected. (also have 3 HD Homerun tuners running on the network).
    - Pete

    Auto mator
    Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.8X
    Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.8X
    HS4 Pro - V4.0.9.0 - Ubuntu 18.04/W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.8X
    HS4 Lite -

    X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant

    Comment


    • #3
      Pete, thanks for your response. I was hoping you might respond. I have been following your posts on Pfsense and those you have exchanged with Michael McSharry for a while now.

      I have taken your advice. I found on eBay a Ruckus Wireless ZoneFlex R500 Dual-Band Wireless Access Point PoE 901-R500-US00 for $69.99 and a ARRIS SURFboard SB6190 DOCSIS 3.0 Modem - White for $42.18. So for a total of $112.17 I have finished out the equipment. Now I just have to learn how to deploy and configure it all. I sure I will get through it.

      Thanks for your advice. I will keep all posted on my progress and probably will need to ask some questions along the way.

      Chuck

      Comment


      • #4
        Pete, what are the performance advantages of the Ruckus vs. Ubiquiti?

        Comment


        • #5
          I have not noticed a performance advantage...but see a posted performance comparision googling...where Ruckus won.

          Products Tested

          1 - Ruckus R610 (802.11ac, 3x3:3)

          2 - Cisco Meraki MR42 (802.11ac, 3x3:3)

          3 - Cisco Aironet 1850i (802.11ac, 4x4:4)

          4 - HP Aruba AP-305 (802.11ac, 3x3:3)

          5 - Aerohive AP250 (802.11ac, 3x3:3)

          Divergent Dynamics recently validated a series of performance tests that measured the ability of five vendors’ mid-range 802.11ac access points (APs) to stream video to between 30 and 60 clients. The tests were carried out in a clean RF environment using industry-standard test tools and best practices.

          The result: Ruckus was one of only two vendors able to deliver stall-free streaming video to 60 clients in an unloaded network scenario and the only vendor able to do so in every scenario, both with and without simultaneous network data loading. No other vendor came close.

          Googling on the PFSense forum many long time PFSense forum users picked Ruckus as their favorite WAP.

          The WAPs are being utilized in many Universities across the country.

          Son works for an IT company here in the Midwest that is picked Ruckus as their WAP of choice for commercial endeavors (including Chicago CPS).

          So I thought I would give it a try and you can purchase the R500 old stock and or removed Ruckus ZoneFlex R500's very reasonable price now a days.


          Looking at Reddit see both postivie and negative reviews.


          CASP,CCNA,CCNAS,CCDA1 point · 1 year ago · edited 1 year ago
          As a certified cisco wireless engineer and a certified ruckus engineer here whom regularly performs not only site surveys but actually installs the gear. Regularly.
          I would love to kick all my cisco wireless to the curb. Its just way to expensive for gear thats not really that good. Ruckus is much more affordable, easier to setup, maintain.
          I have only ever had wireless VOIP issues with Cisco, ive only ever had to go balls deep in CLI troubleshooting on cisco, ive only ever had to wireshark on cisco wireless.
          Virtual Smart Zone it up.
          When you hear of folks saying they can use less ruckus WAPS than cisco. The situation is always this. = The current system is old cisco 5+ yrs old, of low mid end models, replaced with half as much higher end ruckus.
          heres the caveat. Cisco is fucking wicket expensive. my last quote i did was 50k cisco 22k ruckus, comparable line up. So yeah you can buy a mid level WAP of Cisco and get the highest end Ruckus Series R700 line for the same cost.... Better hardware.
          Dont get me wrong i had a fare share of ruckus issues as well. Back when they ran with the 1000 and 1100 ZD's that was a nightmare of compatibility issues. They are phasing out the 1200 now, its pretty much the Virtual Smart Zone controller to rock now.

          Ubnt radio firmware is hot garbage

          We routinely pull Cisco and replace with ruckus... It's pretty spot on with the half the amount comment, but it's dependant on design. It's most accurate in schools.

          You'll be happy with the vsz and 710s. Just a heads up we see issues when the AP reaches out to the controller for the first time if you have a firewall running UTM... Specifically AV. Once they join and update the config the first time we can enable UTM again without issues.

          We are currently using older models of Ubiquiti. We tested Ruckus R720s and in an area with 12 classrooms, one Ubiquiti AP in each classroom, we only used 4 Ruckus APs and the signal was solid. Not sure about how Cisco lines up, anything wireless from Cisco they like to push Meraki.

          It's probably true, at the very least you need fewer than the Ciscos. It will no doubt vary depending on your environment. But fewer AP's with comparable or better quality is kind of a given. Only Ruckus, to the best of my knowledge, can adjust their signal strength on the fly in any given direction (where a client is)









          - Pete

          Auto mator
          Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.8X
          Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.8X
          HS4 Pro - V4.0.9.0 - Ubuntu 18.04/W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.8X
          HS4 Lite -

          X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant

          Comment

          Working...
          X