• Important! If you attempt to register and do not get an email within 5 minutes please check your spam box. This is especially true for Microsoft owned domains like Hotmail, Outlook, and Live. If these do not work please consider Gmail. Yahoo, or even AOL email which works fine.

Ubiquiti EdgeRouter Lite

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
...then I went into the UniFi controller and set up 4 SSIDs, one for each VLAN ID:



Any user that connects to SSID t-10 gets assigned an IP on VLAN10, t-20 on VLAN20, etc. With the firewall rules in place, devices on VLAN10 can't talk to devices on VLAN20, 30, or 40 nor can those VLANs talk back.
 
That sounds perfect if I can figure out how to have the wired devices play along (hopefully easy enough with a few set IP addresses- they are already outside the DHCP range). The six WAP's I have installed are all WRT54GL's running DD-WRT. I don't think I have had one die yet with most over 5-10 yrs old.

Do I have to use the AP Pro WAPs to serve up multiple SSIDs? I don't need 5ghz any time soon.

...then I went into the UniFi controller and set up 4 SSIDs, one for each VLAN ID:



Any user that connects to SSID t-10 gets assigned an IP on VLAN10, t-20 on VLAN20, etc. With the firewall rules in place, devices on VLAN10 can't talk to devices on VLAN20, 30, or 40 nor can those VLANs talk back.
 

Short Round

Oppan Gangnam Style
VIP
I'm about to move to this setup at my house. I've found the best prices are to order directly from Ubiquiti themselves.

I'll be ordering an EdgeRouter X, their newer version of what you are using, along with a UniFi AC Pro. With POE, I plan on running a CAT6 line to the center of the house.

I like the VLAN segmentation functionality and the overall quality and future expandability of the UniFi system.
 
Last edited:

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
I think you'll like the UBNT stuff. I've found it to be high quality and solid in terms of performance.

I read up on the ERX before I bought my ERL. The synopsis I got was that they're similar but that the ERX isn't a newer version of the ERL, it's just different. The ERX has a faster proc, but less RAM. The ERL has more RAM and HW acceleration. The ERX does POE passthru and can be powered by POE. The ERX also has a built in switch. The ERX is missing some of the more advanced features that the ERL has. Traffic Analysis and Deep Packet Inspection.

The ERL is a better (faster) router while the ERX is more versatile with the POE and switching capabilities.

If I do my solar powered repeater setup, I'll probably use an ERX since it has lower power draw.


edit: I plan on getting the AC APs for the new house build. Probably have three in the house and one in the shop.
 

Short Round

Oppan Gangnam Style
VIP
My bad. Their website isn't that clear. I thought it was a newer version.

ERX is all I need. I doubt I would need the 1M PPS functionality that the ERL can manage.

I also want the POE pass through for the AC AP.
 

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
I doubt you or I would notice the difference in speed. Lete know how you like it.
 

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
I'm not a security Nazi, especially for my home network. I can't remember ever seeking a router patch for a given security hole. I updated my router when I put it in place but haven't logged into it to even check to see if there is an update. Pretty sure the APs have updated a number of times when I fired up the controller to make a change.
 

themonk

ex-monk.
VIP
Does the router offer proxy filtering?

I'd like to have 3 levels of access based on a username, one being for guests and heavily filtered, one for employees with minimal filtering, and one for admin with no filtering.

I need it for wired connections and not just for wireless because there are wired devices with internet access.
 

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
Not sure. Username? Wouldn't VLAN make more sense?
 

themonk

ex-monk.
VIP
I want users and admins to have full local access. But on a given machine you may have either a guest or an employee operating it. A vlan won't give that flexibility.
 

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
Is there are term for that type of setup? I'm not seeing anything obvious. I'm thinking you'd need a firewall appliance that hooks into your AD.
 

themonk

ex-monk.
VIP
That's probably what I need, but I'm trying to avoid the administrative overhead. Create user, assign to an already created access group, pour a beer, and relax.

Oh, I'm also trying to avoid the cost of such an appliance.
 

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
Still rock solid for me. Looking forward to deploying it once we move and I have a proper network again. Going to fully geek out with VLANs and firewall/routing. Going to use it with my Unifi APs to segregate wireless devices to VLANs based on the SSID being used. Basically lock guests and devices that don't need local network access into VLANs that can only route to the internet.
 

Chite5e

VIP
Ultra-Premium
Still rock solid for me. Looking forward to deploying it once we move and I have a proper network again. Going to fully geek out with VLANs and firewall/routing. Going to use it with my Unifi APs to segregate wireless devices to VLANs based on the SSID being used. Basically lock guests and devices that don't need local network access into VLANs that can only route to the internet.
House update?
 

wct097

NPD Club President 2021-2022
Staff member
Super Moderator
VIP
House update?
Planning low voltage drops. Thinking I'm going to wire the entire second floor to a patch panel in the storage area under the roofline in the back of the house. Figure I can put a switch there, then pull 4 runs from there to the basement with conduit for future needs. First floor will be pulled to a patch panel in the basement.

Going to pull Cat5/6 to each corner of the eaves for future camera installs. Would like to have full outdoor coverage plus the front porch, rear patio, and garage. I'm leaning towards the Ubiquiti cameras. I think they scale pretty well and use POE which should streamline the install.

I'm going to have network drops all over the place. Hate wanting to put a computer or TV somewhere but not having cable/network drops. Pretty much every wall in the bedrooms and living room will have connections. Two each ethernet and cable at each location. Four ethernet for living room and master bedroom TV connections. I dislike having to install a switch so that my various components can have ethernet.

Also going to have ceiling mounted Unifi WAPs, plus a couple outdoors and some outdoor jacks (generator, patio, porch) for things like TVs.
 

abqtj

I'm a damn delight!
Staff member
Administrator
VIP
You're going to do 4-port face plates, 2 ethernet/2coax, on each wall of the bedrooms?!?!?
 
Top