Router choice for small company

Hello All,

We are 15 people where

  • 10 are wired in ethernet through a switch (hence no need for 10 RJ45 slots)
  • 5 are connected through wireless

I'd like to install openWRT to get nice security and flexibility, what is your advice in term of HW today ?
Budget is around 400$

Thanks

Ok...

Need to know if this is going to just connect to the switch you mentioned and if the WIFI clients are being hosted on an AP already in place. If this device is to be used to just terminate the Ethernet WAN and then pass it to the switch.

Speed of the WAN is also something to take into consideration for the throughput of the firewall processing. A simple iptables rules setup can get wireline speed from a router but, if you're hosting things or need complicated rules it will slow things incrementally as you add more rules to be processed.

I could give a long list of sub $400 routers but, if there's something specific that meets your needs that's a better idea. As you can also take a simple $50 wired router and connect it to your switch and be fine. Add onto the $50 router a decent FW appliance, AP for WIFI, etc.

Hi, thnaks for the reply.

the device will be used to terminate the ethernet and WiFi AP, we do not need complicated firewall rules, just MAC filter ! :slight_smile:

I hope my feedback is good enough for your...

and what's the speed of the internet connection ?

Optical fiber ! But we do not need very high speed, it's mainly local :slight_smile:

I'd grab that last Roqos RC10 available on ebay.com :wink:
or Raspberry pi 4 for the routing, and some router or AP for the wireless.

For a 400USD budget my first choice would be Turris Omnia 2020. I am not sure whether you need wifi ac, because looking at the specs I can find ac and b/g/n wifi versions as well.

I do like the feedback and specs of Turris router, I'll go for it ! Thanks

For 15 employees and 1 GBit/s fibre, a small/ low-power (wired-only) x86_64 system with two network cards (running OpenWrt) is an attractice solution, extended by wireless APs (ideally running OpenWrt as well) as needed. This would start around 200-300 EUR/ USD for new hardware, but you will have to add (cheaper) 1-2 APs and a (smart-)managed switch is certainly an advantage (albeit not strictly necessary).

An RPi4 would also provide the necessary performance, but x86_64 is probably mechanically more sound and less trouble.

Get a small x86_64 device with two "built in" network ports that is linked to a network chip that is supported by openwrt out of the box (very important). This is for enterprise stuff, things simply must work. Example, I can get my i350 based pcie card to work in openwrt, but I must build the installer by my self. While it works, you want to avoid this complexity.

Install openwrt but avoid adding configuration. When a new release of openwrt comes along, without configuration, you have the easiest (and less risky) upgrade path.

For wifi, Tp-link's EAP lineup could be a good option. For best stability, go with the stock firmware. Install the centralized controller software on a different host than your router.

Add a switch between the router and wifi APs

RP4 is a 1 ethernet, low powered cpu board for a scientific activity, robotics, etc. Rp4 not capable for routing as not capable being desktop pc. Stop advertising it.

time for a reality check

it works fine, and is capable of routing at 1gbit, if you add an additional usb ethernet adapter (not really needed, but makes life easier).

The company are not YOU personally, using USB dongle for MONEY bussiness are such a not real case you can not even imagine. Even guy like me not using it for CS:GO, because ping issues, are you think even 3 person company would use it? You noticed Roqos RC10 great router, and i am 100% agree, and next string you advertise rp4 as router. just lol. sorry are you troll? or never was in a COMPANY?

you read to much into OPs question.

they might be freelancers, not willing to take the cost, or folks that doesn't really need the internet to be up and running 24/7, etc.

get two RPis, and have instant redundancy, still cheap, and capable.

but if you ask here, I assume it's because you want a capable, and smart way of investing your money in an internet router, and RPi could be just that.

i can agree RP4 is a great solution if we talk networking - for example my usecase (unbound + pihole)
is 260 USD for 2 rpi cheap for you? 260 USD we talk ubiquiti pro routers field here..
In Russia we can get proof NEW USG4 Security Gateway for price of 2 2gb rpis from aliexpress lol.

....I thought we were ?

I run my piholes in the cloud, it's free.

The 2GB Rpi4 is still $45, bare.

22200RUB is ~ $300.

https://imgur.com/a/UMbgCTK
And you cant use it bare, you need 2 case, 2 fans, 2 usb cables, 2 power sources, 2 SD cards.

Hey, thanks for the discussion ! :slight_smile:

We bought a turris Omnia and a dell desktop certified 24h; we can't work with an industrial product like the Rpi.

Kind regards

1 Like

Can you explain a bit more about how you run pihole in the cloud? And what is your perceived accuracy of the block-lists the solution makes use of to remove ad related stuff?

Cloud hosts provide Linux dists, you install one of those, and install pihole on the host afterwards, not really rocket science, I think the procedure's the same on a "real" pi.

The big difference is the firewalling, since your cloud pihole's exposed to internet, you have to lock it down properly.
Mine's open for my static FTTH IP, and a couple subnets beloging to my mobile carrier.
A regular pihole sits on your LAN, behind a router.

The main reason I did this, was it'd let me block ads on my phone too, in Chrome on Android - it doesn't allow addons to be installed.

I have two cloud piholes, and can easily do upgrades and other, possibly lethal changes, without
losing functionality.

When it comes to blocking, it blocks a lot but not all, stuff that require URL analysis to be detected, doesn't work, like youtube.

my primary pihole:


secondary

1 Like