Advice needed on Access Points system (Unifi / Omada / Netgear / Zyxel / Grandstream / Dlink)

[koaly]

Hello everyone!
I use Asus routers with Aimesh for a long time and I was satisfied of their performance.
Nevertheless, I decided to give pfsense a try and use it for 3 months already.
Now I wish to setup new network with HW or VM pfsense, managed switch, local AP controller (no cloud) and 2x APs in a wired mesh. I will have at least 3 VLANs and SSiDs with different access permissions.

After a short investigation of available options for AP mesh-systems, I came to the following conclusions:
1. Grandstream = best option, because no need in additional AP controller
at least two usable models GWN7662 (160Mhz channel for 5Ghz, but 2x2:2 MIMO for 2,4Ghz and 4x4:4 for 5Ghz) and GWN7664 (80 Mhz channel 5Ghz with 4x4:4 MIMO for all bands). Excellent coverage in reviews, wired or wireless mesh and price range of 120-160 Euro.

2. Unifi = second best option, because requires additional AP controller
requires SW or HW controller. Wired and wireless mesh possible. Excellent signal coverage, similar to AX6000, price range about 180 Euro for U6LR wifi 6 AP with 1Gbe POE LAN
The docker option (SW AP controller) means that I need to run the server 24/7 on something like Zima Board.

3. Omada (TP-Link) = not acceptable, because of no wired backhaul.
requires SW or HW controller. Only wireless mesh possible. Average signal coverage, price range about 100 Euro for wifi 6 AP with 1Gbe POE LAN
The docker option (SW AP controller) means that I need to run the server 24/7.

3. Netgear = not acceptable, because of no local AP controller available.
requires cloud AP controller.

4. Zyxel = not acceptable, because of no local AP controller available.
requires cloud (Nebula) AP controller.

5. Dlink = not acceptable, because of no local AP controller available.
requires cloud AP controller. AP cannot even be registered without an app.

could you please let me know if I miss something? I did not consider Cisco or Ruckus because of different price ranges and low availability in the EU.

 

[Adooni]

I would give you advice to try OPNsense as then you will have access to
https://github.com/mimugmail/opn-repo
what for example has Unifi Controller (os-unifi-maxit)

you can find something similar fo pfSense but it is beta - pfSense do not have so frequent updates. For example wireguard was added to OPNsense years ago and for pfSense in 2023
for me was frustrating if I find same issue like with LAN bridge and pfSense did not correct it in 2y. OPNsense have updates every few weeks and a lot releases
https://www.thomas-krenn.com/en/wiki/OPNsense_Release_Information

 

[Tech Junky]

Zyxel doesn't need a controller as each AP has local admin. Most APs work the same but companies like to get more profits with cloud subscriptions.

 

[coxhaus]

You can do mesh on the Cisco 150ax wireless APs which do not require a controller as it is built-in. I don't because I believe wire is better.

Cisco has global management if you don't go over several APs more than you would run at home. I don't remember how many right now. I want to say 16.

 

[tgl]

Zyxel doesn't need a controller as each AP has local admin. Most APs work the same but companies like to get more profits with cloud subscriptions.

Yeah, I had a couple of Zyxels that I ran that way. It works, but it's not without disadvantages:

• You have to manually replicate configuration settings across the APs. Even with just 2 APs, this was a bit annoying.
• The APs don't think that they form a network, so you get no 802.11k/v roaming support.

I found that I indeed had problems with devices not roaming very smoothly as I walked around the house. I ended up retiring the setup because I didn't want to rely on Zyxel's cloud management service. (I assume that would've provided 802.11k/v support, but I don't actually know that for lack of having tried it.)

FWIW, I'm currently using UniFi with a HW controller, and it works fine. I could have gone with the SW controller, but there's some extra setup/management overhead to deal with there, and I figured that my time was worth more than the price of a Cloud Key. One thing to realize if you're considering the SW controller is that you do not need to run it 24x7, only when you want to reconfigure or update the APs; the rest of the time it's just monitoring and collecting statistics, which is pretty inessential. That may be true of the other vendors too, but I can't say. (Thinks a bit ... actually, I believe UniFi does need a 24x7 controller if you want it to provide a guest-network portal website. But that's pretty inessential too for most people.)

 

[Tech9]

3. Omada (TP-Link) = not acceptable, because of no wired backhaul.
4. Zyxel = not acceptable, because of no local AP controller available.

Do you need an advice or stopped by to inform us about something?

Only wireless mesh possible.

You are going to miss perhaps the best price/performance option because of the messed up marketing around home routers.

 

[Tech Junky]

manually replicate

Or save the config and make changes and upload to subsequent APs.

 

[tgl]

Or save the config and make changes and upload to subsequent APs.

Sure, but that's also tedious and error-prone. I will give Zyxel high marks for this though: their config files are plain text, which at least makes it possible to do that sort of thing. I wish I could say the same for UniFi.

 

[sfx2000]

3. Omada (TP-Link) = not acceptable, because of no wired backhaul.
requires SW or HW controller. Only wireless mesh possible. Average signal coverage, price range about 100 Euro for wifi 6 AP with 1Gbe POE LAN
The docker option (SW AP controller) means that I need to run the server 24/7.

TP-Link - Omada supports wired backhaul - not sure where you got that info...

 

[Tech Junky]

plain text

As close to Cisco without the price.

 

[coxhaus]

Or save the config and make changes and upload to subsequent APs.

But if you are running different channels and power levels you might as start from scratch.
A Cisco 150ax AP costs $102 the last time I bought one.

 

[koaly]

I would give you advice to try OPNsense as then you will have access to
https://github.com/mimugmail/opn-repo
what for example has Unifi Controller (os-unifi-maxit)

you can find something similar fo pfSense but it is beta - pfSense do not have so frequent updates. For example wireguard was added to OPNsense years ago and for pfSense in 2023
for me was frustrating if I find same issue like with LAN bridge and pfSense did not correct it in 2y. OPNsense have updates every few weeks and a lot releases
https://www.thomas-krenn.com/en/wiki/OPNsense_Release_Information

Many thanks for the hint. I did not know that OPNsense has a package with Unifi SW controller. I will give OPNsense a try. Nevertheless, it is still on FreeBSD 13.2, although pfsense is on the version 14.0.

 

[koaly]

Zyxel doesn't need a controller as each AP has local admin. Most APs work the same but companies like to get more profits with cloud subscriptions.

thanks, I know that standalone APs do not need a controller and manageable from WebUI. My aim is to setup a wired mesh with something like roaming between the APs. This is not possible without a cloud -Nebula

 

[koaly]

Do you need an advice or stopped by to inform us about something?



You are going to miss perhaps the best price/performance option because of the messed up marketing around home routers.

I need an advice, please and stated my findings about different Wifi systems, trying to understand how far they are from what I aim to.

Do you need an advice or stopped by to inform us about something?



You are going to miss perhaps the best price/performance option because of the messed up marketing around home routers.

I have tried myself some systems already. I returned the HW back after I understood that it does not fit the purpose:
- Zyxel has a weird WebUI, but good signal covertage. Though it did not allow me to arrange mesh without registration of devices in the cloud.
- TP-Link with Omada SW controller add APs in mesh if only one APs is wired and others must be wireless. Otherwise no mesh and no managed roaming between APs. I also found out that the signal coverage is way weaker than from Asus, Unify or Zyxel. With a weak signal wireless mesh is not acceptable.
- Dlink has no WebUI. It is not possible to activate the AP without a cloud. No go for me.
- Unifi has weak signal coverage if managed as a single AP without a controller. With a SW controller it had an excellent coverage, allowed wired mesh, roaming etc. I did not know that Unifi mesh would work without a SW controller after initial setup. I have Unraid server and adding a docker there should fit the purpose. My server does not work 24/7, because of insane electricity bills. I need to try it again.

I tested neither Netgear (clear marketig for cloud management) nor Cisco (higher price class and targeted to other user class). That's why I estimated that Grandstream with a built-in AP controller in each AP could serve me better.

Thanks to all for advices

 

[koaly]

TP-Link - Omada supports wired backhaul - not sure where you got that info...

I bought two TP-Link APs and setup Omada SW controller on Unraid. If I adopt APs on the wire they do not show "mesh" in the controller UI. May be the roaming will work, I could not understand that. TP-Link also defines their mesh as wireless feature only.
If you have another experience please inform

 

[Tech9]

My aim is to setup a wired mesh with something like roaming between the APs. This is not possible without a cloud -Nebula

Clients roam between available APs. The APs can only encourage roaming using different techniques.

Otherwise no mesh and no managed roaming between APs.

Controller driven Omada and UniFi actually track the clients and learn the environment in both wired APs and wireless mesh configuration. They encourage roaming by dynamically adjusting individual AP Tx power. This doesn't happen instantly, needs some time. TP-Link Omada is the best from what I have seen so far in fast roaming. You don't need "mesh" word in description for roaming. Perhaps TP-Link is just accurate with the terms. Wired APs are cluster, wireless APs are mesh. For 2-3 wired APs you don't necessarily need a controller. Business APs are designed to work in clusters and some are slightly directional. Home routers are designed to work as single AP on maximum power and omnidirectional. You are missing some of the basics around multi-AP systems and roaming. As a result your conclusions are wrong.

If I adopt APs on the wire they do not show "mesh" in the controller UI. TP-Link also defines their mesh as wireless feature only.

Because in fact it is wireless feature only. It's used only when you have no wires to the APs. This is unrelated to roaming and Omada AP configuration options. Wireless mesh requires Omada controller, wired APs in a cluster can be configured 1) individually without controller, 2) with the controller not running 24/7. Fast roaming needs a controller running 24/7. It only makes the roaming better. Your clients will roam even between individual APs from different manufacturers with the same or different SSID. Your understanding of things is distorted by Asus AiMesh marketing. What they call wired AiMesh is APs, wireless AiMesh is added repeaters. Fancy names for people who don't know what is what and how things work. I told you - you are going to miss the best price/performance system above because of consumer marketing.

 

[koaly]

I told you - you are going to miss the best price/performance system above because of consumer marketing.

Many thanks for detailed explanations. I will reconsider TP-Link as they are the lowest in price per APs.
The only concern with TP-Link is that the signal from either EAP653 or EAP650, which I tested for about a week, was much weaker on both 2,4 Ghz (20Mhz) and 5 Ghz (80Mhz) bands. I set up transmission as high power, but the coverage was way too less than any of Unifi or Zyxel APs.
I do not have interference as I live in a stand alone house with thick concrete floors, ceiling and brick walls.

 

[Tech9]

The only concern with TP-Link is that the signal

If this is the case in your environment perhaps all you need is 2-3 Zyxel APs individually configured with the same SSIDs. It will allow you VLAN configurations with your firewall and the roaming will be adequate enough for home use. You have to give some time to your clients to realize there is connection options around. You may have to play a bit with AP position and individual Tx power. You may have to forget connections on the clients and re-connect. I know Wi-Fi specifics in Europe and high Tx power is not what you want. I have a system with 4x APs running at around 20mW each in Europe, no controller and excellent roaming. Your APs have to be at around -60/65dBm otherwise you'll get so called "sticky clients". Omada and UniFi work best with multiple APs on lower power. If controller driven - better, but not required.

I live in a stand alone house with thick concrete floors, ceiling and brick walls.

This is what I have and using 4x APs in about 120m2 in Europe. Keep in mind on high power your clients will see the AP, but won't be able to communicate back to it through concrete walls. A single concrete wall can attenuate the signal -40dBm or more. Wi-Fi is two-way communication. Your clients are about 20mW or less. This is why good Wi-Fi and roaming needs planning. In Europe the conditions are more challenging. I live in North America most of the time and 4x APs here cover 600m2. Very different Wi-Fi planning with different channels available. And don't compare your new system with home products. Once done properly you'll never look back.

 

[coxhaus]

I tested neither Netgear (clear marketig for cloud management) nor Cisco (higher price class and targeted to other user class). That's why I estimated that Grandstream with a built-in AP controller in each AP could serve me better.

Thanks to all for advices

If you ever use Cisco software and see how well it works you never will go back to that other software crap.

 

[koaly]

If you ever use Cisco software and see how well it works you never will go back to that other software crap.

Thank you, I've got that point.

Being able to manage all connected APs from one UI is certainly convenient. My concern with Cisco APs is that the 150AX, for example, only has 2x2 MIMO, whereas other vendors offer 3x3 and even 4x4 with 2.5 GBE POE. And it is in the same price range of 100-150 Euros.

Of the brands I considered, Grandstream has a similar approach with an integrated AP controller and management of all APs from one UI. I can't say whether it's less reliable than Cisco, but all the reviews I've read on the forums are from happy users who switched from the buggy Unifi.

I have already looked at how Unify and TP-Link work and will be getting my hands on Cisco and Zyxel within the next month. Grandstream is rare in Europe and it's hard to find for these purposes.

I am grateful for the advice, ideas and experience I have received.