Best path to upgrade from consumer routers?

[MrGreenMan]

Hi everyone,

I've had the pleasure of running DD-WRT for the past near decade, and while it is a great tool, I don't feel that I'm learning anything that can be applied to business networking with it and while it is stable, it isn't rock hard stable.

I've already moved DNS and DHCP to a DC on my ZFS / ESXI box so now I'm looking at a sole firewall / switch situation and I'm curious which would be the best path to work with?

I'm familiar with Cisco IOS (PIX / ASA) and Sonicwall from my last job but it's been awhile and I wasn't really setting anything up, just making small config changes. Anyone have any recommendations?

 

[aggiec05]

pfsense, on an intel atom board or alix board like this from Netgate
PFSense can let you still learn firewall rules, ports, dns forwards, basically anything you would need to do in a business networking sense.

Otherwise you can pick up an ASA5505 if you want to learn the "cisco" ASDM way.

 

[Liger88]

Something like the Cisco ASA 5505, RB2011UAS-2HnD-IN, and the ZyXEL USG20W are good places to start. They got a bit more kick and are designed more around those who know what they're doing than a consumer, but still consumer level oriented devices as far as performance goes.

Layer 3 Switches and higher-end Routers I'm not too familiar with to give an opinion on other than a lab environment, compared to people who deal with them on a daily basis here.

But HP, Dell, and of course Cisco, seem to be the most recommended. It's a very competitive environment in the sub-$2,500 range.

Oh and like aggiec05 mentioned, there's always the build it yourself model, which is what I honestly prefer. A lot of good free options out there that will teach you a TON!

 

[bds1904]

if you have a switch that supports vlans why not virtualize pfsense and do a router-on-a-stick?

You could always build yourself a pfsense box for less than $250 with all the power you'll need.

If you don't want a roll-your-own, get one of the RB2011 series routers, you'll be happy.

 

[theboxmx3]

asa 5505 FTW

 

[/usr/home]

The ASAs are more of a firewall than a router but they do do some routing.

I recommend a Mikrotik or Ubiquiti EdgeRouter Lite.

 

[diizzy]

I would actually put ERL and Mikrotik under the same category as OpenWRT even though they run a different os (somewhat) its still about the same thing.
//Danne

 

[vegaman]

I'm planning on going the pfSense route - I have an old Supermicro Atom board to run it on, just have to get a smaller case. With a managed switch and Ubiquiti UniFi for wifi.

 

[Nate7311]

if you have a switch that supports vlans why not virtualize pfsense and do a router-on-a-stick?

You could always build yourself a pfsense box for less than $250 with all the power you'll need.

If you don't want a roll-your-own, get one of the RB2011 series routers, you'll be happy.

This is the route to go. Works great! Given that the OP is already somewhat comfortable with virtualization and is looking more for concepts rather than hard product familiarity.

...Or I've got an L3 Gigabit switch in the FS/FT forum as well.