Router suggestions, Help appreciated.

[Fharden]

First is a rundown of equipment and clients. This Dentist I am working with is having network issues. They have 25 desktops, 7 IP phones, 3 printers, 8 wireless devices, 2 servers one handing out DNS and the main system that all the desktops access, and of course guest access. This number does fluctuate, and I have seen up to 70 connections. They constantly deny any great quality upgrades I have suggested. The equipment they have is a Google WiFi router and a managed switch from what I saw. They are constantly complaining that it takes forever to access Dentrix (local Server). I personally think that the router is overloaded. What would you suggest for a decent router that can handle the workload? I can use the Google WiFi in bridged mode to handle the WiFi as there isn't much on the wifi. If there is anymore detail you need let me know and I will get them to you, what I can at least.
thanks in advance.

 

[bbunge]

They need to look at a business router. Especially for the guest wifi as HIPA issues could shut them down.The business computers need to be on an isolated LAN from everything else.

 

[Fharden]

Thanks for your reply. The computers will be, Any suggestions on routers. I was looking at the Ubiquity EdgeRouter 4, I was just hoping it can handle everything. Like I said (or did I) they are tightwads. (I mean that in a not sarcastic way)

 

[tvyankee]

First is a rundown of equipment and clients. This Dentist I am working with is having network issues. They have 25 desktops, 7 IP phones, 3 printers, 8 wireless devices, 2 servers one handing out DNS and the main system that all the desktops access, and of course guest access. This number does fluctuate, and I have seen up to 70 connections. They constantly deny any great quality upgrades I have suggested. The equipment they have is a Google WiFi router and a managed switch from what I saw. They are constantly complaining that it takes forever to access Dentrix (local Server). I personally think that the router is overloaded. What would you suggest for a decent router that can handle the workload? I can use the Google WiFi in bridged mode to handle the WiFi as there isn't much on the wifi. If there is anymore detail you need let me know and I will get them to you, what I can at least.
thanks in advance.

Hello,

Would go with the 12 and not the 4. Also are they thinking of you to maintain and troubleshoot? If so the unfi stuff makes remote work for you a little easier.

 

[coxhaus]

I would take a look at the Cisco RV340 router, Cisco WAP581 wireless units, controller built-in, and a Cisco SG350 L3 switch. If you want to connect your server at 10 gig then a SG350X L3 switch. If you want POE+ power to run the IP phones then you will need a POE+ switch. A big Cisco SG350 POE+ switch will have loud fans which is fine in a wiring closet. If no wiring closet then I would use a small Cisco switch to power your IP phones and connect it to the L3 switch. This is to keep the noise down. Look at total POE+ power needed and buy a switch to fit. Running layer 3, L3, will give you plenty of speed to keep the server and internet running without any slowdowns. I have a thread on here on how to setup the Cisco SG350 L3 switch.

 

[Fharden]

Awesome, I will check into those. Thanks for the suggestions so far.

 

[Trip]

First off, a few words as a fellow consultant. You probably are well aware of what I'm about to say, but, nonetheless... Past a certain level of cost-cutting/denial, I would put your foot down on a minimum level of product/service here. The client simultaneously complaining about a sub-par experience while denying your suggestions to properly remediate doesn't do anything other than bankrupt the both of you, slowly but surely. That said, I'm sure there must be enough upsides to retaining them as a client, and good on you for trying to work within the confines of their needs.

Moving onto gear. As you're probably well aware, you need to progress to a business-class stack. Lowest hanging fruit is that Google product, in trade for a solid firewall and wireless.

Firewall - While an EdgeRouter, Mikrotik, Cisco RV or similar solution would likely handle the traffic load and core services, they may lack certain AAA and/or UTM/NGFW functionality required, either now or perhaps within the life-cycle of the purchase. If you sense that might be the case, then you might be better off taking a look at pfSense, OPNSense or Untangle on an x86 box, or even an entry-level Fortinet or Sophos (you can forgo the extra licenses and just buy the hardware to start; all core services will still function).

Switching - Depending on the robustness and port count of the managed switch you already have, you may be able to just re-purpose that as your core for the time being. If not, replace with as few switches as needed to keep the LAN as flat as possible. Regarding Layer 3, unless you're locally routing a ton of data and/or control plane traffic, you can likely just leave it on the firewall, especially with enough x86 CPU and Intel I210 ports or better (for enough queues per port). It may not be a network engineer's wet dream, but given the other constraints here, that extra spend could likely be invested with greater effect elsewhere (firewall and/or wifi).

Wireless - Ideally, a single ecosystem (UniFi, Cisco WAP/CBW, etc.). Even TP-Link Omada would suffice if you have to; EAP225v3's are $60 each and the controller can be run for free on one of the servers, or the OC200 appliance is only ~$95.

Roll any appropriate combination of the above, and they ought to be in a lot better shape than they're in right now. Minimum investment would be $350-400 total. If the client can't at least scrape that together, I'm not sure I'd want them working on my teeth, or anyone else's for that matter.

 

[Fharden]

First off, a few words as a fellow consultant. You probably are well aware of what I'm about to say, but, nonetheless... Past a certain level of cost-cutting/denial, I would put your foot down on a minimum level of product/service here. The client simultaneously complaining about a sub-par experience while denying your suggestions to properly remediate doesn't do anything other than bankrupt the both of you, slowly but surely. That said, I'm sure there must be enough upsides to retaining them as a client, and good on you for trying to work within the confines of their needs.

Moving onto gear. As you're probably well aware, you need to progress to a business-class stack. Lowest hanging fruit is that Google product, in trade for a solid firewall and wireless.

Firewall - While an EdgeRouter, Mikrotik, Cisco RV or similar solution would likely handle the traffic load and core services, they may lack certain AAA and/or UTM/NGFW functionality required, either now or perhaps within the life-cycle of the purchase. If you sense that might be the case, then you might be better off taking a look at pfSense, OPNSense or Untangle on an x86 box, or even an entry-level Fortinet or Sophos (you can forgo the extra licenses and just buy the hardware to start; all core services will still function).

Switching - Depending on the robustness and port count of the managed switch you already have, you may be able to just re-purpose that as your core for the time being. If not, replace with as few switches as needed to keep the LAN as flat as possible. Regarding Layer 3, unless you're locally routing a ton of data and/or control plane traffic, you can likely just leave it on the firewall, especially with enough x86 CPU and Intel I210 ports or better (for enough queues per port). It may not be a network engineer's wet dream, but given the other constraints here, that extra spend could likely be invested with greater effect elsewhere (firewall and/or wifi).

Wireless - Ideally, a single ecosystem (UniFi, Cisco WAP/CBW, etc.). Even TP-Link Omada would suffice if you have to; EAP225v3's are $60 each and the controller can be run for free on one of the servers, or the OC200 appliance is only ~$95.

Roll any appropriate combination of the above, and they ought to be in a lot better shape than they're in right now. Minimum investment would be $350-400 total. If the client can't at least scrape that together, I'm not sure I'd want them working on my teeth, or anyone else's for that matter.

 

[Fharden]

You hit the nail on the head right there buddy.it has been like pulling teeth. ( No pun intended) now their pano machine is out and that is gonna be at least a couple of grand. I will price everything and shoot it to them.. thank you for your help.

 

[Paul Connolly]

Hi all
I have been using opnsense for some time now for my customers.
One of the pluses for me is they provide integrator and customer commercial support options.

 

[chadster766]

On a budget the Linksys LRT214\224 will do the trick.

 

[chadster766]

For the small number of devices using the network a VLAN implementation may be overkill.

You definitely need to have all Ethernet connections be 1Gig though.