Thoughts on running LEDE FW on one box and LEDE WiFi/AP/Router on a second box?

alex · March 20, 2017, 10:43pm

Hi Folks - I'm running LEDE Reboot 17.01.0 r3205 on a Linksys WRT1900ACS v1 and it's been rock solid.

The Linksys is cabled directly to my cable modem (in bridge mode), so it's the one box show running my FW, routing, and WiFi.

My question is more around the best practice for the FW. In otherwords, would a separate FW appliance have any benefit?

So Cable Modem -> LEDE FW appliance -> WRT1900ACS with LEDE handling WiFi and Routing, but not FW.

In my mind, the extra appliance is just another layer of security as well as taking the WiFi off the edge router. Also, not running the FW on the WRT1900ACS could possibly lower the CPU utilization and help the Linksys. All of that is pure conjecture as I don't have any data to show the Linksys is overworked.

So, thoughts on a separate FW vs. all in one LEDE box?

diizzy · March 22, 2017, 7:08am

Doesn't really add anything, I'm running a TL-WDR3600 as a separate AP as my gateway lacks WIFI but other than that it doesn't provide anything unless wifi is flakey and kills the box itself.

maurer · March 23, 2017, 7:12am

Routing and FW usually goes hand in hand so add an extra WIFI box only if you want extra signal coverage otherwise you'll complicate your setup.