
Looking for a home router to replace an ERX

Posted on 8/18/24 at 12:22 pm
Posted by LSshoe
Burrowing through a pile o MikePoop
Member since Jan 2008
4297 posts
To make a long story short, the ERX I've been using as my home router had the port used for WAN fail so that if the link goes up, the device goes down. I managed to get another port reconfigured as WAN so it's back in action for now, but it definitely seems to me that it's in need of replacing. It's about 7 years old at this point so it's had a good run. Looks like they're still selling them, so I may end up just getting another one, but I'm wondering if perhaps there may be something else out there that might suit me better, so I'm here looking for some suggestions.

I do a fair bit of self-hosting so my home network is more robust than most, but not absurdly so. I'm also kind of a frugal bastard so I tend to keep things on the relatively low-end when I can. The ERX suited me perfectly since it's still cheap as hell (sub $60) yet pretty robust in feature set. I definitely need at least basic firewall rule support including port forwarding and ideally geofencing. I have maybe 2 or 3 VLANs and would want any replacement to support that. I've floated between VPN types over the years but right now the ERX runs a Wireguard server and I would definitely like for its successor to do so as well. I used to have it also running Tailscale (to use as an exit node when outside the home and to advertise home routes for non-TS-connected devices), and while it technically still can, the internal storage on the ERX is not big enough to support both WireGuard and the newer Tailscale packages simultaneously. Ideally successor router could do both, but I'd settle for just a WireGuard server. Currently all my devices are 1G, but it would be nice to have the 2.5 option for connecting to a main/downlink switch (current one only does 1G, but if/when I replace it I'd prefer to have a bigger pipe back to the core), NAS, my main workstation, etc. My internet is shitty Cox, and that's the best available to me, so for the foreseeable future the max WAN speed isn't a big concern. While networking isn't exactly my forte, I'm reasonably competent at it and do not fear the CLI, so I don't necessarily need something "easy", though I'm never opposed to things being easier. I'm familiar with Unifi products and have a controller container running for my APs, but I'm not by any means married to the Unifi products. The ERX actually doesn't even integrate with the Unifi products at all so I wouldn't even be "losing out" on that front by going with something else. Also, I don't really want (to pay for) the device to do Wifi as I already have dedicated APs. Having Wifi isn't a dealbreaker, though.

Here's a few devices I've looked at and some brief thoughts on them:

ERX $59
LINK
It's what I currently have. It's stable, it's probably the best value/bang-for-buck I've ever seen in a router, its feature set is good, it's small.

ER4 $199
LINK
Would be sort of the "upgrade" to what I have. Has way more internal storage and presumably could be otherwise configured very similarly to what I have. Only 1GB eth ports but has an SFP port so I could theoretically use that for an uplink to another switch if I needed more bandwidth. I don't think for my purposes the price is really right, or at least a better proposition compared to the ERX, but it is interesting

Unifi Express $149
LINK
Would blend into the existing Unifi network I have, supports Wireguard and I think supports multiple VLANs. Not too sure how robust you can get with firewall rules, but it has potential. It does Wifi, but at least could be more or less managed in the same ecosystem as the rest of my APs.

Unifi Cloud Gateway Ultra $129
LINK
Similar to the above, but instead of Wifi, it has more ports. Looks like both can do WAN load balancing/failover, but I don't suspect I would utilize that. Also looks like it can do geofencing, wireguard, VLANs so I think it could do most of the things I'm looking for. It's a pretty strong contender, though I'm not completely sold.

Firewalla Purple SE $229
LINK
This is a really interesting device that I'd like to hear if anyone has any experience with. It markets itself as being "easy", yet its feature set is very robust. Content filtering, VLANs, geofencing, VPN support, ad blocking/container support, parental controls, bandwidth tracking and graphing. There's a lot here, but I just wonder how much of it is snake oil and how much is legit.

I've heard (relatively) good things about MikroTik routers, but their site doesn't make it particularly easy to navigate and browse, so that leaves me less inclined to peruse to narrow down their numerous options.

Synology Router RT2600ac $149
LINK
Never used their router products but their NAS products are legit. I don't really think I'd go this route but mostly putting this here for discussion's sake.

What router are you using at home? What have you been eyeing?
Posted by mdomingue
Lafayette, LA
Member since Nov 2010
37683 posts
Posted on 8/18/24 at 12:57 pm to
I have the Unifi Express, I would have gotten the Unifi Cloud Gateway Ultra but it was out of stock when I needed one. I do not regret not waiting but I think I would get the Cloud Gateway Ultra if I had to buy one again and both were available. I do not need it for the things you use yours for, I just like having the option should I ever want to.

My experiences with Ubiquiti have always been good.
Posted by TAMU-93
Sachse, TX
Member since Oct 2012
1071 posts
Posted on 8/18/24 at 3:15 pm to
The UniFi routers have most of the features you're looking for: port-forwarding, geo-filtering, vlans and wireguard. They do not currently support tailscale.

$129 The Cloud Gateway Ultra has 1 GB LAN ports.

$199 The Cloud Gateway Max has 2.5 GB LAN ports. It also includes the full application suite, including Protect if you wanted to do security cameras in the future.
Posted by bluebarracuda
Member since Oct 2011
18835 posts
Posted on 8/18/24 at 4:30 pm to
Don't go with any of those and make your own opnsense box
Posted by LSshoe
Burrowing through a pile o MikePoop
Member since Jan 2008
4297 posts
Posted on 8/18/24 at 4:41 pm to
I've thought about building my own box and if perhaps I was a single man I might (the wife hates downtime). I just don't know that I trust the combination of arbitrary hardware and a network stack I built myself to keep the core of my network running. I've actually built one as a VM as a NAT to a virtual/test environment once before so I have some experience with it. As much as I love rolling my own and building things myself, there are a few things that I just want to be rock solid. My NAS and my gateway fit in that category.
Posted by LSshoe
Burrowing through a pile o MikePoop
Member since Jan 2008
4297 posts
Posted on 8/18/24 at 4:58 pm to
When I initially looked at the cloud gateway max it didn't make sense but I may be coming around to it. Also it does look like there may be a way to get tailscale on it, which is pretty neat

LINK
Posted by Hopeful Doc
Member since Sep 2010
15388 posts
Posted on 8/18/24 at 5:47 pm to
quote:

ERX $59


Hard to beat the devil you know

quote:

ER4 $199

Not sure you’re winning anything that you wouldn’t win by swapping from ER—> Unifi. This isn’t a “UnIfI iS aWeSoMe” post, but it’s clearly the prize child of the two. It’s sad that both product lines have advantages the other doesn’t (you can’t use MAC to isolate a client to a VLAN on Unifi gear, for one, but can on the Edgerouter/switch gear). Unifi, on the other hand, has most things you’ll need easily integrated, including Wireguard (you still have to manually install the server and client on Edge gear, no? When talking about what you can SSH into gear and make work, it becomes difficult to compare them. But sticking with basic feature sets!). The Network app is easy to use/configure all your firewall stuff that you’ll want to do it seems.



quote:

Unifi Express $149

quote:

Unifi Cloud Gateway Ultra $129

Of the UI gear, I would probably avoid the Express. Its hardware is slightly less robust, and it sounds like adding an AP isn’t really a priority for you. The CGU has the Network app embedded on it, so you don’t need a cloud key or external controller. The Express limits you to 5 total Unifi devices. For home, this may be adequate. In my home, it would not be (I have 2x in-wall AP (more for the ports/on-wall switch than the AP function) and 2x “standard” ceiling AP (UAP-AC Pro) as well as a switch 48 with PoE and 3 or 4 of their switch flex mini). While they tend to underestimate their hardware capability (I have 6x 4k cameras and 3x 1080p cameras + 2 doorbells running on a UDMP that calls 5x 4k cameras the limit in addition to Network and (as a test bench) Talk without any real problems/complaints in performance), they mark essentially all routing functions reduced vs the others, and you’re going cheaper to get better hardware (since the AP isn’t a real improvement for you). Of note, load balancing/failover is useless without multiple service providers UNLESS you have a port failure as you’ve experienced, but you should be able to use WAN2 as primary if you experience port failure again, however rare that likelihood may be. As the guy below you/above me posted, there’s a $200 router that is NVME-capable that will give you a hard drive for cameras or recording conversations on VOIP, but you really shouldn’t consider this a plus unless you were looking at those things already. The 2.5gbps ports are potentially beneficial. I definitely watched the difference between 100mbps and 1000mbps unfold and will always buy the 1gbps product. I’m not certain that I’ll ever see real-world improvement from 1–>2.5gbps. Maybe I’ll eat those words one day. But I’m just not doing anything that really justifies it. I do want to eventually move into ripping UHD locally and serving them up within the home network. But 1gbps is more than sufficient for that.

So, if it were me, thus far I’d definitely mix the ER4 and express but probably add the Cloud Gateway Max ($199) to the list.




quote:

Firewalla Purple SE $229
Content filtering, VLANs, geofencing, VPN support, ad blocking/container support, parental controls, bandwidth tracking and graphing. There's a lot here, but I just wonder how much of it is snake oil and how much is legit.



So, again, in the most non-pro-Unifi way to say it, I don’t know what of those features that isn’t just as simple AND cheaper in Unifi gear, which is more than adequate AND simplifies your management. For me, I would cross it out for that reason.

quote:

I've heard (relatively) good things about MikroTik routers

I own one. Without looking it up, something that’s got “Hex” and maybe “960” in the name. It’s got PoE ports + the ability to be run by PoE (and pass it through, which is a very unusual ability). The only other product I know of that passes through PoE in the “reasonable price” range is the Unifi Flex. Probably irrelevant in your use case. Irreplaceable if you need it though.


quote:

Synology Router RT2600ac $149


I understand their router to be wildly basic (well, like DD-WRT or Tomato. More than a basic off the shelf router but in comparison to everything else on this list, practically useless). Their NAS is wildly overpriced hardware that has proprietary software that truly and honestly justifies the price of the hardware, if the software does what you want it to.


quote:

What router are you using at home? What have you been eyeing?


As alluded to, I’ve got a UDMP at home. And a Cloud Gateway Max at the office. And whatever the 2-port gateway that needs a cloud controller at my father in law’s house. And a UDMP-SE at his camp. His camp and home share traffic rules so that he can use his streaming TV while away. I use their Teleport (based on wireguard) to VNC/Remote Desktop into a couple computers at the office when I’m not there occasionally. I’ve got a couple servers (Plex, Emby, Channels) that have openings to the outside world in my firewall. I haven’t gone far enough to put them behind a domain or even a DNS finding service because my IP at home has changed one time in 6 years. Unifi does have ad-blocking, but I have an Adguard Home server on a virtual Ubuntu machine and forward all my DNS there for it. You can manually manage DNS blocklists right on Unifi gear if you feel like it. I’m not scared by it. CLI isn’t hard. But updating from a phone by navigating to a URL is much easier as someone who can’t really use his desktop for longer than 7 minutes before being mauled by tiny people, and the Time To Crying is even less on a laptop.


The two other things that would interest me in your situation are
1) PFsense. I’ve never used it at all, but I understand it to be somewhere between Unifi (basic/easy/most features) and Mikrotik (get good at reading man pages and googling, but every feature you can think of is there).
2) TP-Link Omada. You already have Unifi APs. It’s essentially a competitor to the Unifi network ecosystem, so adding a second one wouldn’t really improve a whole lot, but if you dive deep enough to find that you want a specific “easy GUI-enabled” feature that isn’t offered by Unifi and not worth Pfsense/mikrotik configuration, it is possible that they have it (but realistically you shouldn’t consider it unless you want to change your AP to theirs, and the Omada APs are much uglier, slower to refresh, so I really probably just wasted time by bringing it up).



Just get a Cloud Gateway Ultra and call it a day. If you want to add cameras, the NVR is cheap enough that it’s the smarter buy than a UDMP(SE) or CG-Max, and you could use Unifi Talk at home, but no one really wants or needs a home phone anymore. Access is a good way to spend $500+ to open a gate or a garage door at home that you could buy a $20-100 accessory to do just as well (or better)
Posted by mchias1
Member since Dec 2009
903 posts
Posted on 8/18/24 at 6:01 pm to
I would say get another ERX they are pretty rock solid.

Option 2 would be a netgate router with pfsense. I've looked into building my own pfsense box, but it's hard to find a decent one with dual Intel nics for less than a netgate router.
This post was edited on 8/18/24 at 6:05 pm
Posted by Hopeful Doc
Member since Sep 2010
15388 posts
Posted on 8/18/24 at 6:04 pm to
quote:

When I initially looked at the cloud gateway max it didn't make sense but I may be coming around to it.


My office
1) protect with 1 camera
2) Network with 2x AP and about 6 switches. 80ish total clients
3) Talk with 20 phones


I don’t know of a more effective way to run that setup (as cheap than a Cloud Key Gen 2 + USG3 with more features, now that the USG3’s hardware limits some Network functions)
Posted by LemmyLives
Texas
Member since Mar 2019
9969 posts
Posted on 8/18/24 at 7:04 pm to
I just replaced a TPLink 6600? With a synology WRX560 (as my primary, not a satellite.) I’ve owned two of their NAS devices with the DSM software and was very happy. Worth a look.
Posted by LSshoe
Burrowing through a pile o MikePoop
Member since Jan 2008
4297 posts
Posted on 8/18/24 at 9:53 pm to
Doc, thanks for that robust arse post. I agree it would be hard to beat the erx straight up, plus the fact that I can take my saved config from before I made any changes and basically drop it in. It just seems that surely there would have been a more competitive product in the last almost decade. Crazy that I paid $55 for that thing over 7 years ago that's still apparently a marketable product. I would also agree about the er4. Basically the only advantage in my case would be more memory for the goofy nonstandard CLI installed packages. I wasn't considering it hard if I'm being honest. My initial aversion to unifi cloud gateway type thing is the whole not (explicitly) controlled by itself thing. I have an on prem controller, but if the network is jacked, how are you supposed to control the target device from the controller over a bum network? Not certain about all of them but if the ultra runs its own controller then that makes more sense to me. Plus all the other stuff it can do. I legitimately don't know that I'd actually take advantage of the 2.5 speeds but the main switch I use is 16 ports half of which is poe and is almost completely full so it's not too unlikely that I end up picking up a new one soon and if I do I could get one that supports at least one 2.5 link as well. I agree the gains are at least on their own not worth it. I too have had unifi gear generally done well by me so I tend to lean that way. I have 2 synology NAS and I love them. It's basically the only reason why I would even consider their router, but if I'm being honest, I'm not, really. Y'all in this thread are definitely making me think hard about the cloud gateway max though.
Posted by Korkstand
Member since Nov 2003
28997 posts
Posted on 8/19/24 at 9:26 am to
quote:

Y'all in this thread are definitely making me think hard about the cloud gateway max though.

If you go this route, I would probably wait for the "no storage" option available this coming Friday I believe, then add your own nvme drive later if you need it.
Posted by TAMU-93
Sachse, TX
Member since Oct 2012
1071 posts
Posted on 8/19/24 at 9:52 am to
quote:

My initial aversion to unifi cloud gateway type thing is the whole not (explicitly) controlled by itself thing. I have an on prem controller, but if the network is jacked, how are you supposed to control the target device from the controller over a bum network?


You can't control the target devices over a bum network. The target devices will continue operating using their last configuration. Same thing would happen if the container with your current controller died.

Let's assume you misconfigured the UniFi Cloud Gateway itself and this is the cause of the network issues. You'd hold down the reset button. You'd use the UniFi app and bluetooth to readopt the gateway. Then you'd restore that last good backup. Backups are taken automatically and stored on the UniFi cloud.

I might be misunderstanding the question.
Posted by bluebarracuda
Member since Oct 2011
18835 posts
Posted on 8/19/24 at 11:02 am to
quote:

there are a few things that I just want to be rock solid


You can't get more rock solid than FreeBSD
Posted by LSshoe
Burrowing through a pile o MikePoop
Member since Jan 2008
4297 posts
Posted on 8/22/24 at 8:20 pm to
quote:

You can't get more rock solid than FreeBSD


y'aint lyin, but still. For the sake of discussion, you have any recommended hardware for building out a PF/openSense box? All my VM hosts are old arse computers I've basically recycled into being servers, so there's no way I'm running my network through one of those, and I don't think I'd want to run my network off a VM anyway. I know there exists little boxes with a few NICs on them but I'd need reliable (or at least modular) hardware.

I guess because I only just started looking, but it already looked like you could buy the CGM without storage, but I appreciate the suggestion. I don't need the storage now, but potentially in the future I could see it.

And thanks for the controller-gateway info. I've only ever used the controller with APs, which is a simpler setup.
Posted by wheelr
Banned
Member since Jul 2012
5800 posts
Posted on 8/22/24 at 9:10 pm to
Posted by bluebarracuda
Member since Oct 2011
18835 posts
Posted on 8/22/24 at 9:18 pm to
Honestly any older dell/HP/Lenovo mini tower PC with a PCIe slot for a network card would be great

I'm running a dell r210ii for mine