Looking for a POE swtich Need some suggestions

Status
Not open for further replies.

Enigma

Gawd
Joined
Oct 15, 2003
Messages
845
I am looking for a 8 - 16 Port POE switch, I am using it to run ip cameras at my second home 300 miles away.

I need it to be remote managable (preferably web interface without using the cloud, going vpn for security purposes), I need to be able to cycle POE power remotely

Needs to be 802.3at Compliant

I would prefer not to break the bank, Budget is around $300 USD max.

Current planned network layout with included vpn: Network - ER7206 - Home1 Router <----> Home2 Router - ER7206 - Managed POE Switch - IP Cameras

Any help would be greatly appreciated,

Thanks in advance.
 
Last edited:

Nicklebon

Gawd
Joined
May 22, 2006
Messages
814
A switch would not be used for port forwarding. I would suggest hitting ebay and picking up one of the many Fortigate 140-POE firewalls available there. They can be used as your switch and a firewall to do your forwarding and terminate an ipsec or ssl/tls vpn. Before you ask none of them are mine. :)

PS I see at least one E model at a VERY nice price
 

Enigma

Gawd
Joined
Oct 15, 2003
Messages
845
A switch would not be used for port forwarding. I would suggest hitting ebay and picking up one of the many Fortigate 140-POE firewalls available there. They can be used as your switch and a firewall to do your forwarding and terminate an ipsec or ssl/tls vpn. Before you ask none of them are mine. :)

PS I see at least one E model at a VERY nice price
I guess I should have been clearer on how the network would be setup... It would go : Internet - Router (with Nat) - POE Switch - Ip Cameras

I want to port forward from the router to the switch for remote management.

The main router would take care of the firewall and port forwarding.

Basically just looking for a POE switch that is 802.3at compliant, with remote management through a web interface that allows me to remote shut off and restart poe devices as needed.
 

SamirD

Supreme [H]ardness
Joined
Mar 22, 2015
Messages
5,090
I wouldn't set it up that way (I too have a second home I need to monitor as well as another site).

I would simply get a regular poe switch and have it connected only to the nvr--no internet access for the cameras, only the nvr. And that I would control with the firewall/router, which would connect to home base over a ipsec vpn tunnel. Once you use site-to-site ipsec vpn tunnels to access things, you'll never go back to port forwarding or punching holes in your firewall/router. You'll also find a lot more uses for it like RDPing into remote systems, checking on other iot devices or other things connected to the network, turning on and off ethernet controlled lights, and more since you basically have remote access to anything on that site's local ethernet network.
 

Valnar

2[H]4U
Joined
Apr 3, 2001
Messages
3,755
I can recommend the Cisco small biz switches. SG200 (used) or newer SG250. Web interface, some have PoE. Pick your model.

A firewall that does VPN is the best method. If you insist on port forwarding the switch web interface through a firewall, I would get a better firewall. How are you with pfSense?

I'd *still* prefer a VPN, but if I absolutely had to use port forwarding, I would:
  • Use firewalls on both sides that support DDNS, or have a host behind it running a DDNS client. Register both sides with DYN.com or equivalent.
  • On the remote side, have a rule that allows port forwarding only from your DDNS public IP registered from your home. pfSense supports FQDN aliases.
There are other firewalls that can do this too, but this is the best free option.
 

Valnar

2[H]4U
Joined
Apr 3, 2001
Messages
3,755
I would simply get a regular poe switch and have it connected only to the nvr--no internet access for the cameras, only the nvr. And that I would control with the firewall/router, which would connect to home base over a ipsec vpn tunnel.
Assuming he has an NVR.

This doesn't solve his problem of wanting to cycle PoE cameras remotely.
 

Enigma

Gawd
Joined
Oct 15, 2003
Messages
845
I wouldn't set it up that way (I too have a second home I need to monitor as well as another site).

I would simply get a regular poe switch and have it connected only to the nvr--no internet access for the cameras, only the nvr. And that I would control with the firewall/router, which would connect to home base over a ipsec vpn tunnel. Once you use site-to-site ipsec vpn tunnels to access things, you'll never go back to port forwarding or punching holes in your firewall/router. You'll also find a lot more uses for it like RDPing into remote systems, checking on other iot devices or other things connected to the network, turning on and off ethernet controlled lights, and more since you basically have remote access to anything on that site's local ethernet network.
I have no onsite nvr, I have been thinking about it but my plan is to link the cameras to the zoneminder server at my primary home, All recording, event notification, and archiving will be done offsite at my primary home.
Took the advice and ordered 2 vpn routers.

I can recommend the Cisco small biz switches. SG200 (used) or newer SG250. Web interface, some have PoE. Pick your model.

A firewall that does VPN is the best method. If you insist on port forwarding the switch web interface through a firewall, I would get a better firewall. How are you with pfSense?

I'd *still* prefer a VPN, but if I absolutely had to use port forwarding, I would:
  • Use firewalls on both sides that support DDNS, or have a host behind it running a DDNS client. Register both sides with DYN.com or equivalent.
  • On the remote side, have a rule that allows port forwarding only from your DDNS public IP registered from your home. pfSense supports FQDN aliases.
There are other firewalls that can do this too, but this is the best free option.
See reply above, I ordered 2 TP-Link ER7206's to handle the vpn side of things. This will work out better in the long run to go vpn as I have other devices that I would like to monitor on the network aside from ip cameras.

Assuming he has an NVR.

This doesn't solve his problem of wanting to cycle PoE cameras remotely.

Again no onsite nvr, so now I am still on the hunt for an 8 port POE managed switch, that is 802.3at compliant, with the ability to cycle the POE ports in case the camera's need power cycled. Budget might have dropped a little bit because of the added cost of the vpn routers. ;)

**edit I have revised the OP to reflect current planned network layout.
 
Last edited:

Outlaw85

[H]ard|Gawd
Joined
Feb 7, 2012
Messages
1,450
I can recommend the Cisco small biz switches. SG200 (used) or newer SG250. Web interface, some have PoE. Pick your model.

A firewall that does VPN is the best method. If you insist on port forwarding the switch web interface through a firewall, I would get a better firewall. How are you with pfSense?

I'd *still* prefer a VPN, but if I absolutely had to use port forwarding, I would:
  • Use firewalls on both sides that support DDNS, or have a host behind it running a DDNS client. Register both sides with DYN.com or equivalent.
  • On the remote side, have a rule that allows port forwarding only from your DDNS public IP registered from your home. pfSense supports FQDN aliases.
There are other firewalls that can do this too, but this is the best free option.

I would look for the SG250 out of those two. The SG200 only supports 802.3af per my searching. The SG250 supports 802.3at but the SG250-26P or SG250-26HP look like they are over budget (SG250-26HP started at $350 on fleabay).

https://www.cisco.com/c/en/us/produ...ries-smart-switches/datasheet-c78-737061.html
 
Last edited:

Enigma

Gawd
Joined
Oct 15, 2003
Messages
845
Small update, Ipsec Lan-to-Lan VPN tunnel is up and running between both homes. Still on the hunt for a POE switch with remote POE control. Are there any cheaper options out there than the Cisco SG250 series? Looking for some wall mount options as well as I do not have a rack setup at my second home.
 

Enigma

Gawd
Joined
Oct 15, 2003
Messages
845
Ended up going with a TP-Link TL-SG2210MP. I have been impressed with the routers so far so we will see how this switch works out. Thanks all for the suggestions.
 
Last edited:
Status
Not open for further replies.
Top