I just recently got 1 gigabit up/down at home when they put in fiber. Now I’m looking for a router/firewall to use. I run a homelab with a few VMs.

I was looking at getting a Cisco router to tinker with, as I’ve just finished a course on IOS. What routers would you recommend (2nd hand) for less than 150€? Is Cisco even feasible at this price point or should I just get a mini pc and run pfsense/opnsense?

I’ve looked at the ISR900 and it seems to meet my requirements, but I am not sure if it also offers a web interface, which would be quite useful for me.

Bit of an unstructured post but I hope you’ll be able to help me regardless.

EDIT: I ended up getting a mikrotik hAP ac3 router. It seems to meet my requirements and after trying the routerOS demo they have up I decided that it would work for me.

  • slazer2au
    link
    English
    610 months ago

    Cisco and web UI are a nope all cisco enterprise exams are based on the cli with the exception of DNAC.

    The ISR900 series has a max throughput of 250Mb so it will not work for your case.

    Go for the opnsense on a mini pc. It will be more capable than a cisco router

    If you are keen on continuing down the cisco line get GNS3 or EVE-ng setup and learn the cli with the iosv and iosv_l2 images.

  • ɐɥO
    link
    fedilink
    210 months ago

    Currently running virtualised opnsense on Proxmox. works pretty damn well. WebUi is great, Pergormance is awesome and it just works

  • @TCB13
    link
    English
    210 months ago

    How much wifi and open-source do you really want?

    If you are willing to go with commercial hardware + open source firmware (OpenWRT) you might want to check the table of hardware of OpenWrt at https://openwrt.org/toh/views/toh_available_16128_ax-wifi and https://openwrt.org/toh/views/toh_available_864_ac-wifi. One solid pick for the future might be the Netgear WAX2* line or the GL.iNet GL-MT6000. One of those models is now fully supported the others are on the way. In OpenWRT forum and Wiki you may also find throughput tests of some routers.

    For a full open-source hardware and software experience you need a more exotic brand like this https://www.banana-pi.org/en/bananapi-router/. The BananaPi BPi R3 and here is a very good option with a 4 core CPU, 2GB of RAM Wifi6 and two 2.5G SFP ports besides the 4 ethernet ports. There’s also an upcoming board the BPI-R4 with optional Wifi 7 and 10G SPF.

    Both solutions will lead to OpenWRT when it comes to software, it is better than any commercial firmware but there might be catch about open-source wifi. The best performing wifi chips are Broadcom and those don’t usually see open-source software support. MediaTek is the open-source alternative and while they work fine they can’t, unfortunately, beat Broadcom. As most hardware is Broadcom they have hacks that go behind the published wifi standards and get it go a few megabytes/second faster and/or improve the range a bit.

    While there are things like OPNsense and pfSense that may make sense in some cases you most likely don’t require that. You’ve a small network and OpenWRT will provide you with a much cleaner open-source experience and also allow for all the customization you would like. Another great advantage of OpenWRT is that with a great router like the BananaPi BPi R3 you’ve the ability to install 3rd party stuff in your router, you may even use qemu to virtualize stuff like your Pi-Hole on it or simply run docker containers.

  • @[email protected]
    link
    fedilink
    110 months ago

    I got a mini pc and ran pfSense back in the day. I’ve been using pfSense ever since, though I’m now on their hardware (which costs more than your stated budget).

    I agree with folks recommending Ubiquiti, but I’m also barely literate in the aspects of the market that matter. I just recognize the brand as trusted and we used their devices at a job I had.

    For some reason, I have a negative view of Mikrotik - as though I’ve read something damning in a security-related article about them - but I can’t back that up. If I did, it was only once.

    Stay away from TP-LINK. I had one of their devices and it was garbage.

  • SirMaple_
    link
    fedilink
    110 months ago

    IF it’s possible you might be able to take the ISP SFP and put it in a SFP to RJ45 media converter and then you can use any 1gig capable router. I did this with my Telus SFP.

    OPNsense or OpenWRT. I run multiple OPNsense firewalls for family members all connected together with a WireGuard Mesh.

    Cisco is command line for the most part until get into the APIC NSX stuff. There’s others but I’m only exposed to those 2 where I work.

  • Possibly linux
    link
    fedilink
    English
    110 months ago

    I run openwrt on all my stuff. Its not Cisco but it gives absolute control over your hardware.

  • @cellardoor
    link
    010 months ago

    Mikrotik or Ubiquiti all the way! Don’t touch Cisco.

    • @[email protected]OP
      link
      fedilink
      310 months ago

      I’ve had some bad experienced with Ubiquitis edge routers and their Unifi software, so I’d rather avoid them for a bit. I’ll have to look into mikrotik!

      • @TCB13
        link
        English
        510 months ago

        Personally they lost all credibility when they started to push for the Cloud Key. It’s just plain abuse to make hardware that is unable to self-setup properly and run autonomously. I get the whys but still plain abuse.