I realized today that the TP-Link TL-SG105E switch I have cannot be configured to allow management access only on a specific ethernet port. So it looks like the switch interface can be accessed on any port, which is a security concern if you have potentially untrusted devices in your network.
On that basis, I would appreciate your recommendations for a managed gigabit switch with up to 8 ports that supports VLANS and where management access can be restricted securely to a specific port. The price should be up to around 100$ USD and the device should still be supported by the manufacturer.
This will be for a home network that contains an OpenWRT router with 3 PCs, a dumb AP for Wifi access of a couple of smartphones / tablets and a smart TV.
One of my local retailers is currently selling a Linksys LGS308 for around 60 USD:
However, I am not sure from when this model really is. The last available firmware update dates back to 2018:
Would that already be a reason to exclude this model?
Are there any switches at this price range that receive regular firmware updates? TP-Link, for instance, has always a very limited support time of 2 to 3 years and then appears to abandon a product.
Or are there any router models that you could be turned into a switch using OpenWRT as an alternative? Not sure if that might be a good idea to ensure regular firmware updates of the device.
Zyxel GS1900-8. Amazon US currently has them for $50 US w/ 10% off coupon for Prime members. Even without the discount, it's worth it. Many of the switches in that model series (including this one) can run OpenWRT and are rock solid.
Alternatively, the Netgear GS108-T v3 is decent but not perfect. You can convert them to running OpenWRT, but as of 23.05.2 at least, you needed to add a startup command to get the LEDs working. Additionally, I have had to return a few of them because they had a serious coil whine when powered over PoE despite it being officially advertised. YMMV on that one.
Unfortunately Amazon is not available in my region. Locally I could only find the Zyxel GS-105S v2 apart from enterprise sized switches for 500 USD and upwards, which are oversized for my requirements and out of my budget...
For TP-Link, once you move up to the business grade switches, you'll be much happier. For example, the TL-SG2008 or TL-SG2008P (PoE) units are pretty good. I have a TL-SG2210P in my lab at work and it's a good switch, as was my T1600-28PS. None of these can run OpenWrt, though.
Similarly, with Netgear, just avoid the entry level/home devices and you should be good.
TP-Link TL-SG2008 would be available in my region at a reasonable price. Not sure if you can securely configure the management port. And I am also not sure for how long you would get firmware updates...
I have experience with the 2210P and you absolutely can set the management VLAN. I can see that the same is true with the 2208 -- there is an emulator available for it so you can play with the GUI. Business grade devices have much better firmware than the consumer grade units. In this case, even though these are lower end business switches, they do allow proper management configuration.
I am not thinking single ethernet cable. Sorry, this is not really helpful. If you consider a thread not worth your time, please ignore it. If you consider a question ill posed, please ask for clarification and elaboration. Let's keep this forum as nice and productive as it tyically is (due to hard work of everybody involved).
A Netgear GS308T still shows up on ebay or amazon for ~$50 from time to time. If you can find one, these are good OpenWrt supported 8 port managed switches. No POE, but compact and well made. Make sure you do not accidentally get a GS308 without the T - there are lots of those for sale, but they are not managed.
I don't have experience with those, but if you are willing to make do with 5 ports, another option might be an Edgerouter X (ER-X) if you can find one used for the right price. Sure it's a router, but it is the size of a small switch and more than capable of 5 port managed switch duty.
One caution. The ER-X is supported in 23.05 now, but main snapshot doesn't fit in its current 3MB OS partition. There are some PR's to fix this (it has 256MB of flash and memory), so odds are high it will continue to be supported by OpenWrt, but this is still something to consider or perhaps take a wait and see approach.
Ouch. I can pick one up used on ebay for ~$40. I would not spend $100 on an Edgerouter X. Whether used as a router or a switch, it's not worth that much. Sorry that idea did not work out.
I got a second hand zyxel gs1900-8hp for well below 100EUR, that is one of the models that can be converted to run OpenWrt (that was always my plan, but I ended up rushing it into use with the zyxel firmware, which works well enough for my modest requirements). The last firmware update was from November 2023 so reasonably recent... I have not tried to restrict the config interface yet so can not answer that question. As a bonus the unit supports POE so can be used to e.g. power a dumb AP or webcams (if you have any... that was my driver to pick a POE model, but I ended up not deploying those cameras...).
I am quiet inclined towards Mikrotik switches at the moment. SwitchOS receives frequent firmware updates and it is more straight forward to use than the normal Mikrotik OS, which is quiet complex.
Perhaps a Microtik RB750Gr3 router is available in your locale as well? I may be beating the proverbial dead horse, but basically it's the same idea as using an Edgerouter X as a switch - only if available used at the right price and if 5 ports works for you. However the RB750 Gr3 is no joy to flash. Pay careful attention to the warning to use 23.05 rc3 initially.
er.....I doubt this. As an owner of Mikrotik CSS326-24G-2S+ 24 port switch, my last SwOS update on it was in 2021, and there were 2 releases which targeted new hardware bundle only, so the most recent update I can use was the one released this year, almost waited for 3 yrs! For RouterOS they do have frequent update, well.....to be fair, just a switch probably not that many updates are required.
