Help with Network Layout for 2-story home

[coxhaus]

I think either setup would work. It is kind of your choice.

The Cisco wireless built-in controllers only seem to limit you to like devices. If a master controller goes down the rest of the running single point setup APs automatically promote another master controller so you are not locked into 1 main AP being central to a group of APs. All the of the APs can be a master controller. At least that is the way my Cisco WAP371 APs worked. I assume it works the same for my newer Cisco WAP581 APs.

 

[Trip]

As @coxhaus said, I think generally, one would be pretty pleased with either. That said, I would add two points, plus a bias given your needs:

1) If you went Ubiquiti and you wanted to tweak or monitor wifi, even infrequently, it's probably just easiest to keep the UniFi controller running, be it on a PC, VM (local or cloud) or a CloudKey Gen2. Whatever it is, that's something to account for.

2) In regards to reliability and/or support, first off it's important to know that regardless of the quality perception, we're still dealing with commodity supply chain in both cases, so similar failure domains will still exist, even if failure rates are slightly lower with Cisco (which they likely are). That said, I would give Cisco the edge on vendor-direct support, and that's of course due to Ubiquiti's value chain being aimed at integrators, VARs and MSPs, who themselves were always intended to be the primary line of support. That of course hasn't stopped end-users from ordering the gear direct (nor should it, really), but it should give pause to those who do so, then have inevtiable complications, then come back crying that all they can find for support is a forum, a partially-populated KB, a slowly-checked email address and some third-party YouTube videos and blogs. Granted, there is UniFi Elite, but it's more of an add-on product for those who already know what they're doing, than it is a business unit designed from the ground-up to support end users.

Everything considered, I'd probably lean towards Cisco for this use-case.

 

[coxhaus]

Nice Trip. I am bias, so of course I would buy Cisco. I did.

Even my daughter's small business with 19 employees I use Cisco small business gear. It is very reliable which makes my free support very minimal.

Oh, and by the way I used the same setup for my daughter's business as I use a my home. The only change which is coming is when we setup 19 VOIP Polycomm phones. I plan to setup a VOIP VLAN which has QoS priority as the SG350, SG550 switches have it built-in. I just have to figure out the settings.

 

[Trip]

Indeed. At least for switching, I was just in a business with a few dozen users running on a SG300/500 fabric, and I know the MSP would have had ripped and replaced for Catalyst or HPE if the situation called for it, but it's been running fine for their needs (not a huge amount of traffic and no real SDN required). Solid stuff that does work when it's a fit, no doubt about it.

For firewall/gateway, most businesses I see have gone to UTM/NGFW vendors (Palo for the big guys; Fortinet, Sophos, Watchguard for the smaller ones). And wifi tends to be more of a mixed bag; I'm seeing more UniFi than Cisco WAP lately, but that's because most of the MSPs around here have been pushing it so hard over the last few years.

 

[coxhaus]

Yea, UTM is the best over a router. Those are some big names with prices to go with them. The best UTM that I ran for home is Untangle. They had a cheap solution for home use. The maintenance was very low for a UTM. But UTM is a high maintenance item with a learning curve. You need a good understanding of networking as to tell what is going on. I turned off my server farm so I will probably not go back as I plan to sell my rack and servers.

 

[trpltongue]

I’m happy to hear you guys are in alignment because I just ordered the Cisco gear and it should be here next weekend

I’m planning to set up the router and switch on a test bench connected to the ATT gateway initially so that I don’t interrupt anything at the house, and then I’ll add in the AP’s and make sure they are setup and working.

Then I’ll temporarily disable WiFi on the main system and do some position testing on the AP’s. Any recommendation / guides on software to identify the best spot for the APs?

Once I get everything dialed in and working, I’ll remove the old switchgear and disable all routing/DHCP on the ATT gateway.

I do need to do some research on how to setup the ATT gateway so that it’s just passing on the internet signal and not doing anything else. The RV340 will have all of the normal security layers etc on by default correct?

Thanks for all your help so far!

 

[coxhaus]

You need some wireless spectrum software which shows all the 2.4GHz and 5GHz wireless networks to figure out the best channels to use. On the wireless Cisco WAP581 AP run the Single point setup since you are going to setup 2 WAP581 wireless APs. The first WAP581 you setup and the second WAP581 AP automatically sets up as the first one in the same cluster. It is easy. If you want to run 2 SSIDs, LAN and guest I would use separate VLANs. I recommend using your guest as one of the SSIDs. Don't use the guest in the wizard as it will be a captive portal which I have not had time to setup for the WAP581. Pick your main LAN SSID as VLAN1 for both radio1,5GHz and radio2,2.4GHz, I think I used VLAN2 as my guest VLAN. We can manually add the second SSID after the wizard run. On the switch you need a trunk port with both VLANs, VLAN1 and VLAN2 defined to the trunk port. You will need 2 wireless trunk ports. This will finish the wireless setup. I forgot you will want to install the latest firmware on the WAP581 APs. Download the latest firmware from Cisco to your PC so when the Single point setup runs it will ask if you want to update to the latest firmware. Use what you downloaded from Cisco.

You want to run the wizard on the RV340 to setup the basic router. AT&T may be PPPOE. I don't remember since it has been many years ago when I ran AT&T DSL. They have never offered fiber to me.

The RV340 router will connect to your Cisco switch as an access port if you setup layer3 in the switch. I would start in VLAN1. We can move it to a router VLAN later as a second phase. If you use layer2 then you will need to use a trunk port for the RV340 router so the RV340 router can do all the local L3 routing. Using L2 will require you to define all VLANs on the RV340 as well as the switch. I have a thread for setting up a Cisco SG300-28 switch in layer3 mode. Look back through my old threads. It will be close for the SG350 switch. I would use L3 on the switch. It is the hardest setup but worth it.

It now takes me a couple of hours to set this up. It took me 3 days to get it working the first time. If you want a lot of help I suggest you start a thread where we can put screen captures so other people can use it as well.

PS
You will want to load the latest firmware on the switch and router before we do much configuration as they will require reboots with resets to factory defaults which wipes out the configs.

 

[trpltongue]

Coxhaus, you rock!

I will definitely setup a separate thread to get the planning going.

I can’t thank everyone enough who helped out on this thread, you all helped me feel comfortable that I can get this all setup with admittedly zero network training other than basic setup of WiFi routers

 

[Trip]

@coxhaus - Given that this is fiber, I think the OP is probably running an AT&T branded ONT/GPON at the drop, so PPPoE is probably being handled there. If yes, then only vanilla DHCP would be required for the WAN interface on the RV340. I could be wrong, though...

And another vote for setting up L3 mode, including DHCP and DNS, on the SG350. It will be a more involved setup, but your local network will lose the extra hop required for anything other than masquerade to the internet.

You've definitely got a solid setup brewing here. Excited to hear how it turns out once it's all setup.

 

[trpltongue]

You are correct Trip regarding the PPPoE being done on the ATT ONP. I just need to figure out how to get the ATT hardware to play nice with the Cisco hardware .

I’ll definitely want to understand more about setting up L3 on the switch, which I’ll put into a new thread for the actual network makeup