The best 802n wireless accesspoint?
-
@SunCatalyst:
here again ive NEVER used a UniFi in a home enviroment.
i'm using them at work (a dozen or so) AND 2 at home, a very happy camper here..
I have the regular UniFi's - not the LR or PRO - and i think is more than enough, rangewise. Recently I bought a Pico too, just to play with it..
If you don't use a guest portal you wont need a controller running… set them up, save the config on you Dropbox of Copy drive and forget about it 'til you want to change somethin' -
I'm running the TP-Link TL-WR1043ND with Gargoyle (see http://www.gargoyle-router.com/) to handle my 'G' traffic. I have an Asus RT-N66U for 'N' traffic. Gargoyle is a simplified UI on top of open-wrt and I have personally found it to be more stable than dd-wrt on the TP-Link.
All that said - while the TP-Link is a nice router, I don't think it's in the same class as the Asus RT-N66U. Of course, it also costs considerably less!
-
@SunCatalyst:
here again ive NEVER used a UniFi in a home enviroment.
i'm using them at work (a dozen or so) AND 2 at home, a very happy camper here..
I have the regular UniFi's - not the LR or PRO - and i think is more than enough, rangewise. Recently I bought a Pico too, just to play with it..
If you don't use a guest portal you wont need a controller running… set them up, save the config on you Dropbox of Copy drive and forget about it 'til you want to change somethin'I have to agree. I use Ubiquiti UniFi at home and at many of my client sites. Ranging from 1 - 20 access points. Very easy to configure and deploy. Great range and reliability.
-
Did I read the Ubiquiti UniFi info correctly?
http://www.ubnt.com/unifi#UnifiSoftware
These need a Mac or Windows to administer?
-
I use a pair of D-Link DAP-2553's for wifi AP's. One for 2.4Ghz, and the other for 5Ghz. They are two-stream so they link up at 300Mbit. I have seen real world >100mbit through them, which isn't bad IMO! They aren't too expensive either.
-
-
-
Here you go: http://community.ubnt.com/t5/UniFi/UniFi-Release-2-3-9/td-p/218731
-
Thank you all very much for all your replies ;D
All the positive remarks have convinced me to buy a Unifi UAP-PRO device. However, there is one thing I don't understand:
- I will connect it to my switch, and then, as far as I know, all traffic will be protected by Pfsense.
- So why then all the articles on the net about WEP/WPA easy to crack? If I am protected by Pfense, my neighbor can't get on my LAN, so can't get to my device, so can't crack my WEP/WPA ???
I am sure this is a stupid question ( ;D) but I don't know that much about all of this (but I could do your taxes ;D).
-
@Hollander:
If I am protected by Pfense, my neighbor can't get on my LAN, so can't get to my device, so can't crack my WEP/WPA ???
But your neighbour might get close enough to receive the wireless traffic and possibly get passwords, credit card numbers etc.
It can be significantly easier to listen in on WiFi traffic than it is to listen in on wired traffic.
-
The wireless encryption you use, wep/wpa, will always be vulnerable to attack since it's broadcast to anyone in your general vicinity.
Do not use WEP since it's very easy to crack. If you stick to WPA2 and a use a random passcode you will be relatively safe.
pfSense cannot protect your wifi but where it can help is separating your wifi traffic from your LAN. Connect your wifi access point to a separate interface and you can filter the traffic on in independently. Thus even if an attacker cracked your wifi encryption they would still not have general access to your LAN. Of course this can present it's own set of problems since often that's exactly what you want to use wifi for yourself. ;)Steve
-
Thank you to the both of you for replying (hi Steve, didn't know you were here also ;D :D ;D).
Ok, I was sort of mixed up assuming that PFS would protect all wireless transmissions also. I am tempted to believe that was indeed a stupid assumption, but a small part of brain says 'I don't understand why not'. But mostly, when small parts of my brain start to complain, I tell them to shut up. After all, my brain is a democracy where the majority decides what is right for the whole of my brain ( ;D).
I have ordered the UAP-PRO (from a shop in the UK with fair prices; over here they are way overpriced), and expect arrival early next week. What I now need to find out is how to setup everything 'the smart way', given the following problem. If you choose to use top quality products, you get top quality complexity ( ;D):
- PFS 2.0.2 has 'VLANS';
- My HP 1910 switch has 'VLANS';
- The UAP-PRO wireless access point has 'VLANS';
And I don't even understand a thing about 'VLANS' 8) ( :D). Well, I understand it at the very highest level: it is a 'virtual LAN', and it appears to be used to separate different segments of the LAN. But then again, so do 'subnets'. Google is cheating on me again, because it only gives me rubbish.
So, would perhaps somebody have a link to an explanation that even a noob on these matters will understand? I would, for the so-many-time'd - be in debt for that :-[
Steve, could I ask about this:
[quote]Connect your wifi access point to a separate interface and you can filter the traffic on in independently
I am afraid I don't understand it. What I do understand is:
- Interface 0: WAN, goes into my ISP-modem/router
- Interface 1: LAN, goes to my HP Switch.
- Interface 3: OPT, but not available for me as I was recommended to buy the separate access point for that.
So as far as I understand, my accesspoint will connect via a network cable to my HP-1910 switch, and from there on, 'everything magically works'.
So, if I may ask: what do you mean with 'connect the WIFI-access point to a separate interface'? Which interface? I don't have that, I thought it goes into the HP Switch?
(Probably again a stupid question, sorry).
Thank you very much to all of you for all your help :-)
Bye,
-
Just plug the AP into your switch, and use WPA2/AES and a good password and you will be fine. Connecting the AP to another interface on the pfsense box is an alternate configuration that is significantly more complicated and as mentioned by Steve, may not really provide more security unless you are really fine grained about what you allow to traverse from LAN <–> WIFI which will also probably cause you headaches you don't want.
Most people just run their AP's off their switch (that's how I do it) and just rely on the wifi encryption. As long as you don't use WEP as mentioned you are pretty safe, but it may be a good idea to change the password occasionally.
-
Hollander, I can't actually remember off hand what motherboard you went with in the end. :-[ However I believe you only had 2 network interfaces, yes?
Like extide said you will be fine just connecting the access point to your switch. WPA2/AES is sufficiently secure.
If you did want to isolate your wifi traffic you would have to use VLANs since you don't have a spare interface to connect it directly.
That's probably a subject for another thread though as it get complicated. However since all your devices support VLANs you have many options available to you.Steve
-
I use a MikroTik rb751G-2HnD, with RouterOS installed, but configured just as an AP.
It doubles as an emergency spare in case the big pfSense hardware has a blocker fault (fingers kept crossed hoping that will never happen).
-
Thank you once again for your help ;D
I will then proceed by putting it in the switch, and see how that works.
Btw: Stephen, I have the Intel mobo that you recommend in some threads. It works flawlessly. I will put the hardware specs in my sig, that is probably more comfortable for anybody who wonders what I have.
-
does any1 know of any AP similar to the below in size etc, probably with option to add rubber duck antenna. size is important for me, i dont want those big and bulky AP, minimum b/g and if possible n but not compeltely necessary
-
VLANs occur on layer 2 and if setup properly create separate virtual infrastructures. Subnets divide the IP space.
-
VLANs occur on layer 2 and if setup properly create separate virtual infrastructures. Subnets divide the IP space.
This is a very helpful remark (as I am trying to figure out what I need to do with VLANs and subnets and my appliances and don't understand a thing about how to do it. So subnets are within VLANs?
-
the ubiquity ones have a bulky power brick, i wonder y they dont make direct socket powered access point or atleast make use of modern power adapters which r tiny and very light
