It needs to be rack mountable, 1-2Us. Ideally I'd like to spend no more than $300 on it. Any more than that and it needs to be well worth it.

Doesn't really need to have beefy specs, just a decent dual or quad core CPU, 4-8 GB RAM, and it doesn't even need to have a hard drive as I have plenty of spares on hand. Must have two or more NICs, gigabit or better.

I'm open to application-oriented equipment if it can meet my needs, but the current plan is to just throw OPNsense on the machine.

(post is archived)

[–] 2 pts

If you don't mind it being different than anything else on the market, Mikrotik makes some decent stuff. I've had an RB2011U in my rack for a number of years. It rarely gets rebooted and has been pretty dependable. Couple of the ports have lost their ability to do anything more than 10baseT over the years, but I can't complain.

https://mikrotik.com/product/RB2011UiAS-RM

[–] 1 pt

PoE has my interest. My WAP supports PoE, but my switch doesn't. I wonder if I could power the WAP from the router? Not sure how that would work network-wise though.

[–] 0 pt

I have no idea, to be honest. I just use a commercial router with Tomato (in switch mode) for a WAP, it sits elsewhere in the house. You may be able to power something like one of the Unifi devices, but I have no experience with that.

I tried out RouterOS before, it is powerful but my god is the workflow autistic, it would make Germans jealous

[–] 0 pt

Yep. It’s the “If you like pain” system. It’s better than it used to be, at least you get a basic setup now instead of having to program everything.

[–] 0 pt

Can you give me a good example of this?

Just setting up interfaces alone requires unnecessary steps, instead of just setting up the gateway address/netmask on an interface directly like you would on almost any other firewall, you have to create a subnet/network object in a separate tab and assign that to an interface there, not the worst example but certainly not used to doing it this way.

[–] [deleted] 2 pts

I use one of these. I've had it in my IT closet for about 3 years now. I added a 120mm usb fan on top to make sure it stays real cool in the enclosed space. https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=sr_1_3?th=1

Load pfsense or opnsense on it.

[–] 1 pt

Mikrotik makes a great router focused on moving bits. Great feature set - DHCP, VLAN, VPN etc... However, security is arguably a bigger issue than throughput these days. I use Ubiquiti USG-4 Pro Gateways for the behavioral scanning as well as packet inspection. Just make sure you stay away from using the unifi cloud. Run your controller locally and generate your own AES keys.

[–] 1 pt

Netgate has good pfsense routers that are beefy. I've used a few. Problem is they're all gigabits rn. If you're going to spend that much, you might as well go 10gbe and upgrade your network. In my area we are already getting 1.4 gig speeds in residential.

I'm doing a hp proliant microserver with a dual intel 10gbe nic and pfsense in a vm as a router (800ish). Everything consumer grade for multigig is shit and expensive 500-700 with the new wifi 6 standards to further irradiate your household.

Just build a router and add APs if you need wifi.

We're hitting that point where everything is going to have to be beefier for multigig networks. Faster processors and more memory, these consumer grade routers from asus linksys and other shit aren't going to cut it.

[–] 0 pt

I like the Proliants. We have a bunch of them at work, and they're solid beasts. Takes about three years to boot one up, but they'll run forever. I like them better than the PowerEdges.

We're hitting that point where everything is going to have to be beefier for multigig networks. Faster processors and more memory, these consumer grade routers from asus linksys and other shit aren't going to cut it.

Yeah, no kidding. Apparently Walmart even still sells routers with 10/100 ports, and they're like $40. WTF? Wifi is even faster than that now.

[–] 1 pt

Ubiquiti Dream Machine Pro. It's 1U, rack mountable and can also run your NVR if you have cameras. Supports gig WAN, 16 gig LAN ports, 2x SFP+ for 10gig. Cost is ~400.

[–] 0 pt

Now that's what I'm talking about. Thanks, I'll look into that.

[–] 0 pt

It also runs the Ubiquiti security appliance as well so you can get DPI. If you use Ubiquiti access points it can also manage them (networks/firmwares/etc).

If you want to do VOIP it also has a VOIP appliance that works with their line of VOIP phones.

I have been using one for a while now and had a few issues early on (bought it the week they released it) but after a few patches it's been very stable.

I also have it using a dynamic DNS client to update a DNS record on Namecheap and I have it running a VPN service so anytime I'm away from the house I can VPN in from my laptop/phone.

There is plenty more that it can do... I just have not had the time to really get everything I want going yet.

[–] 0 pt

Unfortunately they're sold out at the moment, but I'll keep that one on my list as a strong contender.

[–] 0 pt

I've been looking for one myself to replace my piece of shit Ubiquiti Edgerouter X that crashes all the time, what is everyone's opinion on using used enterprise UTM firewalls from manufacturers like SonicWALL or Fortinet?

[–] 0 pt

I absolutely hate SonicWALL. I had to manage a bunch of those at various sites for a long time and they never seemed to work "right". First chance I had I replaced them all with MikroTik (only thing they would be willing to spend money on since they were so cheap but actually worked).

[–] 0 pt

Personally, my primary concerns, and there are many, would be stuff like power usage, noise, security (still getting patches?), size, price, and availability. If those things all check out I would consider it.

An issue with those I found is that they usually need a paid subscription if you want to use any of the UTM selling points, or they are often still registered to an organization or MSP with no possibility of transferring licensing ownership. They can be used as regular firewall appliances otherwise.

[–] 0 pt

I've used Asus routers running AsusWRT-Merlin for years. The uptimes are as long as it is between firmware updates. The range is incredible compared to shit routers. I'm in a suburban environment with a dozen or more APs visible from my home and still get about 200 feet of range in 2.4 GHz. The best Asus router right now is the RT-AX86U. It is years newer than the larger RT-AX88U.