Curious for those using a Ubiquiti router, which would you recommend? I already have switches so I don’t need more than a couple ports, but I do want it to be rack mountable. Right now I have an Asus router but everything is behind google wifi. The google wifi will remain for now. Unfortunately I didn’t realize when I bought it that it was basically a virus that would take over my network and create its own subnet and dhcp server... but I have 6 nodes and can’t afford to replace that right now since I’m already on my second mesh solution (had Asus Lyra first which was absolutely garbage)
What all do you need. I find the GUI in Unifi really lacks some thing that seem like they would just be there. but the CLI and JSON configs make a lot of advanced configs easy to move from place to place. If they don't get knocked out by a firmware update.
I have used a USG at home and a USG Pro in some settings. I have used the edgerouter back when I was responsible for a public /22.
I do miss my PFSense router the most. Just not willing to do a migration right now.
Unifi is great...except the routers/firewall (depending on your needs). I wish they were better, and hope they can be some day. For now...they are not.
I'm assuming you're a tinkerer like many here. I second @Hasty1, pfsense is pretty amazing and can be run on older hardware.
I have an old watchguard xt505 that i rescued from the junk heap. Only been using for a week and it's been great. Had a flashed R7000 w/merlin prior, which was okay.
For the money unifi will cost, you could get one hell of a pfsense setup.
I would avoid the ‘Dream Machine’ models. Although nicely priced and feature rich their firmware is immature, partially featured and problematic. Needs many months more work and bug fixing but Ubiquiti are unfortunately using their customers for testing.
USG Pro here - there’s a new significantly faster model of that just launched too.
I had a USG. Nice kit but it had quirks, limitations and too much hidden away... but it has a pretty GUI if that's you're thing. WAN load balancing never worked correctly so I upgraded to a Mikrotik Hex S and much happier
Honestly, I’m looking for just the opposite. I want something I setup and don’t have to think about, it needs to just work, and work well. My network needs to work 100% of the time, I don’t want to be tinkering with it. Definitely not looking for something I have to install on my own hardware. What I’m looking for:
VLAN support
VPN server
Need it to have a high packets per second, I have a lot of devices and do a lot of video streaming
Decent firewall configuration (I have certain devices I want to block any outgoing internet traffic, etc.)
Ability to add local dns entries would be great but not required
What’s interesting here is all over this forum people talk about how great unifi is but seems like most people on this thread are recommending against it... so what do you recommend? Just trying to find something a little more prosumer.
Basic routing and remote access they are great. For home use it could be fantastic. We recommend them for most our small and mid sized businesses. So why do I say that?
The firewalls have no logging, at all. In fact none of Unifi has logging without a separate syslog server. That makes it unnecessarily difficult to troubleshot issues. Even your Asus has better logging then Unifi and that just sux on them IMO. Geo filtering limited to 15 counties (if your lucky enough to get it working, beta i know, endlessly)
not if you want ISP or any higher level protecting. Even their best right now limits you to 850Mbs (not include early access, trying to get some to test)
I see the humor in that (for some of their products)...but my ER12 has been completely stable and reliable, very happy w/it.
It's definitely a tweaker's playground, via CLI more that GUI, and I had a learining curve to get a handle some parts of what I bought it for (VLANs/IoT isolation, WireGuard VPN, etc.). The forum can be very helpful, lots of seriously skilled networking people there.
LOVE their AP - I have a NanoHD AP and it covers my entire house and outside where before I always needed multiple units to make it work.
Seems like EdgeRouter line is getting pushed to the side going forward due to other prioritites, like the new UNMS product line (WISP focus). It feels like EdgeRouter line will get squeezed for resources in the future, so I'm not as bullish on the future of EdgeRouter as I might have been. And agree very much that from what I've read the UDM line has been very problemmatic due to serious and long-lasting FW issues.
Overall I've been very happy w/my setup (ER12+NanoHD AP) but obviously it's a very simple config and I haven't had to deal w/potential issues that multi-AP installs can bring.
One thing I forgot to mention, Unifi APs require a controller, either on their hardware controller, or many run the controller like I do on a Pi - it's required for all config, FW updates, maintenance, etc. ER line has pretty robust GUI, but you can do anything you want in the CLI. (Good and bad...ask me how I know. ) ER line and Unifi line are separate - they can and do work together very well, but you manage the Unify APs from the Unify controller, and the ER from its GUI or CLI, and to some extext from the UNMS controller. It's a little odd...
UniFi as an ecosystem is great but the firewall leaves me wanting a little more. My load balance works ok. Static DNS is kinda a hack and VPN tunnels work but no SSL vpn or openVPN support.
Agreed! Edge is, decent which beg the question... Why Ubiquity.... Why would you cripple Unifi so badly? It's a great platform, just give it a half decent gateway, and you win! It's aggravating to be so close to a complete solution, and falling so short.
OpenVPN support is available on the ER line, setup is via CLI rather than GUI - I had OpenVPN on my ER12 before moving to WireGuard. WIreGuard is also supported (via community work) that has been integrated into the official WG support. Oops...maybe I'm confused, you were referring to the UDM products?
) ER line and Unifi line are separate - they can and do work together very well, but you manage the Unify APs from the Unify controller, and the ER from its GUI or CLI, and to some extext from the UNMS controller. It's a little odd...
