Hello guys and gals,
I am a beginner- novice to network security and the technicals of routers modems and firewalls. I am looking to step up my equipment to something with some more customization for network security, scrutiny, segmentation/isolation of my devices to increase my privacy while still being fairly easy to setup and maintain. I’m also looking to setup AdGuard home DNS and not sure what the best way to do this without needing to add extra equipment to my network.
I’ve been having Wi-Fi connection issues with my ASUS router connected to my isp gateway and looking for other options.
My current devices and setup.
AT&T Fiber to the node 100/20->
Arris BGW 210 AT&T Gateway->
ASUS Wi-Fi router AC-RT68U(ASUS-WRT)
I have five people in the house and 19 devices on the network, which are connected by Wi-Fi to the ASUS router and a Synology NAS which is the only device connected by Ethernet to the ASUS.
All devices in the home:
Laptops (3)
Phones (6)
Synolgy NAS (1)
IP cameras (7)
Printer (1)
Scanner(1)
I have to use the ATT provided gateway and I have it setup
behind my ASUS router with the Wi-Fi off on the Arris Gateway. I have not enabled ATT s version of bridge mode called "IP passthrough” , which isn’t a true bridge and still leaves me double NATd and I get slower speeds when I enable it. But that’s okay because I have no need for port forwarding or VPN currently.
I have tried to add guest mode on my ASUS but it still allows devices to access the ATT Gatesy web gui login. It does not isolate access to other devices on my LAN.
I’ve done reading on and off over the past year. on what’s out there from enterprise to prosumer. The options I’ve come across in terms of feature I’m looking for while still being able for me to understand with my limited knowledge I’m leaning towards are
—Firewalla Gold- this seems exactly what I’m looking for in terms of ease of use and customizations with VLANS with unbound. I have some hesitation about the company though as I cannot find much info about them, fairly new startup also needs cloud to function which is another reservation.
—PFsense/OPNsense seems to be the most popular and most customizable but also the most technical for me to understand, setup and maintain. It may not be worth the increased security if I’m not sure how to set it up.
—OpenWRT— Maybe a bit easier to setup and manage than OPNsense but more customizable with network isolation of devices compared to my ASUS.
Other options:
—Leave setup as is. Setting up a something behind my scope of knowledge might make my network less secure.
—Flashing ASUS-wrt Merlin on my router.
—Adding a piHole to my existing setup.
—Synology containers with AdGuard Home. Don’t know much about this as I just have my personal files shared on the local network and don’t want to risk opening up the Synology to the WAN.
— setup everything on my ISP router gateway which seems to be the most reliable in terms of connection. I’m not sure how insecure my ISP Gateway is. All I know is that the router is still being updated by ATT and ATT alerts me by the ATT app and email whenever a new device connected.
— Cascade my routers and turn on guest mode on the att router to put my other devices onto.
Appreciate any suggestions or experiences with the above options of any other options that might be available.
I am a beginner- novice to network security and the technicals of routers modems and firewalls. I am looking to step up my equipment to something with some more customization for network security, scrutiny, segmentation/isolation of my devices to increase my privacy while still being fairly easy to setup and maintain. I’m also looking to setup AdGuard home DNS and not sure what the best way to do this without needing to add extra equipment to my network.
I’ve been having Wi-Fi connection issues with my ASUS router connected to my isp gateway and looking for other options.
My current devices and setup.
AT&T Fiber to the node 100/20->
Arris BGW 210 AT&T Gateway->
ASUS Wi-Fi router AC-RT68U(ASUS-WRT)
I have five people in the house and 19 devices on the network, which are connected by Wi-Fi to the ASUS router and a Synology NAS which is the only device connected by Ethernet to the ASUS.
All devices in the home:
Laptops (3)
Phones (6)
Synolgy NAS (1)
IP cameras (7)
Printer (1)
Scanner(1)
I have to use the ATT provided gateway and I have it setup
behind my ASUS router with the Wi-Fi off on the Arris Gateway. I have not enabled ATT s version of bridge mode called "IP passthrough” , which isn’t a true bridge and still leaves me double NATd and I get slower speeds when I enable it. But that’s okay because I have no need for port forwarding or VPN currently.
I have tried to add guest mode on my ASUS but it still allows devices to access the ATT Gatesy web gui login. It does not isolate access to other devices on my LAN.
I’ve done reading on and off over the past year. on what’s out there from enterprise to prosumer. The options I’ve come across in terms of feature I’m looking for while still being able for me to understand with my limited knowledge I’m leaning towards are
—Firewalla Gold- this seems exactly what I’m looking for in terms of ease of use and customizations with VLANS with unbound. I have some hesitation about the company though as I cannot find much info about them, fairly new startup also needs cloud to function which is another reservation.
—PFsense/OPNsense seems to be the most popular and most customizable but also the most technical for me to understand, setup and maintain. It may not be worth the increased security if I’m not sure how to set it up.
—OpenWRT— Maybe a bit easier to setup and manage than OPNsense but more customizable with network isolation of devices compared to my ASUS.
Other options:
—Leave setup as is. Setting up a something behind my scope of knowledge might make my network less secure.
—Flashing ASUS-wrt Merlin on my router.
—Adding a piHole to my existing setup.
—Synology containers with AdGuard Home. Don’t know much about this as I just have my personal files shared on the local network and don’t want to risk opening up the Synology to the WAN.
— setup everything on my ISP router gateway which seems to be the most reliable in terms of connection. I’m not sure how insecure my ISP Gateway is. All I know is that the router is still being updated by ATT and ATT alerts me by the ATT app and email whenever a new device connected.
— Cascade my routers and turn on guest mode on the att router to put my other devices onto.
Appreciate any suggestions or experiences with the above options of any other options that might be available.
