By:
Filters
What's new
Carbonite

South Africa's Top Online Tech Classifieds!
Register a free account today to become a member! (No Under 18's)
Home of C.U.D.

New Home Network Advice

BunduRic

BunduRic

Member
Rating - 100%
25   0   0
Joined
Nov 5, 2017
Messages
277
Reaction score
28
Points
1,785
Age
51
Hi all,
I need some network advice to update / upgrade my home network.
Currently I have an Airport Time Capsule connecting to my fibre router and then multiple airport express devices.

The issue is the Apple Airport Time Capsule does not support Open VPN, so Nord VPN does not work.

I also have multiple wireless cameras and home automation devices on my network.

So what is the best options for an open VPN supported router, 100mb fibre line to use with NordVPN?

And then the network extension, double storey, dead zones, etc. best devices to expand my network and cover everywhere with proper wifi signal?

Max distance from router around 40m.
 
I had a similar issue, apart from the VPN bit.

So I divided my house into 3 zones: back, middle, front.

Back
My workspace, ONT+router, replaced the router I got from the ISP. That thing was a piece of shit. 2 PCs, NVR, some devices and cameras.

Middle
Workspace 2, hardline to back (1gbps) served by a Mikrotik Hap AP. 2 PCs + wireless for devices (incl cameras).

Front
Entertainment space, hardline to middle AP, also a Mikrotik Hap AP. Decoder, devices and cameras.

Had an issue or two setting them up initially, but got help on here.
 
I will check those out, thanks for the feedback
 
Why do you require VPN access though?

I'd DST-NAT those devices requiring external access over a DDNS service or just enable UPnP on your router and get to the NVR like that.
 
'So what is the best options for an open VPN supported router, 100mb fibre line to use with NordVPN? ''

Mikrotik Hap AC3 will work as a OpenVPN server. It will also do the VLAN segementation for the camera's and IoT devices. Mikrotik is not the most user friendly of devices, but they are feature rich.

Install WifiMAN on your phone and create a wifi map. Post the details here. :)

Does the fibre come into the ground floor or 1st floor?
 
souljazk said:
'So what is the best options for an open VPN supported router, 100mb fibre line to use with NordVPN? ''

Mikrotik Hap AC3 will work as a OpenVPN server. It will also do the VLAN segementation for the camera's and IoT devices. Mikrotik is not the most user friendly of devices, but they are feature rich.

Install WifiMAN on your phone and create a wifi map. Post the details here. :)

Does the fibre come into the ground floor or 1st floor?
Click to expand...
FWIW (do own verification, further reading, etcetera), this topic appears to be a factor with Mikrotik routers.
 
From a router point, I went the pfSense route and haven't looked back. It is a tad excessive but I enjoy tinkering with it every so often.

I had an OpenVPN client setup to route specific devices (static LAN IPs) through Nord (became a bit overkill so just moved to device connections after a while) and then an additional OpenVPN server set up to access IP cameras and server files from outside the network without exposing them directly to the outside world.

From a wireless AP point what @Valheru suggested is similar to my setup and works great. Wireless extenders, while great in theory, performed terribly on my network (high ping, fluctuating speed etc.) so would not recommend those.
 
zenzan said:
FWIW (do own verification, further reading, etcetera), this topic appears to be a factor with Mikrotik routers.
Click to expand...
It's a factor with ANY device, be that a router, IoT, phone, computer, TV. :)

FROM THE ARTICLE -
In a statement shared with The Hacker News, the Latvian company said that "there are no new vulnerabilities in RouterOS," while stressing that keeping the operating system up to date is an "essential step to avoid all kinds of vulnerabilities."

Not keeping your equipment upto date is like leaving your car unlocked in the road at night - not a bright idea but it happens.
 
souljazk said:
It's a factor with ANY device, be that a router, IoT, phone, computer, TV. :)

FROM THE ARTICLE -
In a statement shared with The Hacker News, the Latvian company said that "there are no new vulnerabilities in RouterOS," while stressing that keeping the operating system up to date is an "essential step to avoid all kinds of vulnerabilities."

Not keeping your equipment upto date is like leaving your car unlocked in the road at night - not a bright idea but it happens.
Click to expand...
Hear ya, my point (such as it is) is that there is more news of this nature about Mikrotik than anything else; at this cost/complexity level (so not going up to enterpri$e gear) they kind of stand alone with reportage about being compromised and, if anything, complicates things for us by removing what should be an entirely valid option.

And yes, neglect (in all the ways it applies) may well be the Number One cause of getting caught out.
 
zenzan said:
Hear ya, my point (such as it is) is that there is more news of this nature about Mikrotik than anything else; at this cost/complexity level (so not going up to enterpri$e gear) they kind of stand alone with reportage about being compromised and, if anything, complicates things for us by removing what should be an entirely valid option.

And yes, neglect (in all the ways it applies) may well be the Number One cause of getting caught out.
Click to expand...
Like any other router they can be set to auto update, which makes this point invalid :)

There is more news simply because these are more business grade devices, hence the risk / cost is higher than VS home users.

If you look at the CSV details, Dlink and TPLINK have had far more CVE's above 5 in the last 5-10years, which makes Mikrotik the safer option once you have auto-update enabled.

Mikrotik Routeros : Security vulnerabilities, CVEs

Security vulnerabilities of Mikrotik Routeros : List of vulnerabilities affecting any version of this product
www.cvedetails.com

D-link : Security vulnerabilities, CVEs

Security vulnerabilities related to D-link : List of vulnerabilities affecting any product of this vendor
www.cvedetails.com

Tp-link : Security vulnerabilities, CVEs

Security vulnerabilities related to Tp-link : List of vulnerabilities affecting any product of this vendor
www.cvedetails.com
 
Also a thing to note about Mikrotik routers is that they are actually updated. Able to run 10 year old routers from them and still get the latest security and feature updates.
It's the same with any device that is connected to the internet. If you don't update it you are going to be vulnerable. Fortunately Mikrotik do a good job of fixing issues that are raised and supporting their hardware.
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)

Similar threads

mikewazar
Review Starlink_Part1_draft_final_final2.doc
Replies
15
Views
1K
Conack
Conack
ZaLiTHkA
  • Locked
Reseller refuses to provide sufficient details to do "Ownership Transfer" of Dell laptop warranty
Replies
24
Views
3K
ZaLiTHkA
ZaLiTHkA
L
Flashing Sonoff Mini R2 with Tasmota DIY OTA
Replies
2
Views
588
lucidlad
L
zedwunare
Suggestions around content filtering on home LAN
Replies
5
Views
418
zedwunare
zedwunare
NemoXX7
Looking for a UPS inverter for WFH setup
Replies
15
Views
458
NemoXX7
NemoXX7

Latest posts

Top Donors

IOPS
NI∀ƆOƆ‾⊥ᴚ∩ʞ
eagle2k
Sp3c1al1zed
Confucius
nephilm
Athos
EELeat
Off-The-Chart
McDuncun

Share this page

Back
Top Bottom