Jump to content

Looking for router recommendation


Marc_G

Recommended Posts

Marc_G

Hi folks,

 

My trusty 2009 Belkin N+ gigabit router is still working, but I've noticed a distressing increase in tendency for it to lose pairing with the cable modem in the last month or so. It might be completely on the side of the cable company / cable modem (which also provides voip telephony), but I'm considering pre-emptively replacing the router.

 

So, based on the typical "Media Browser Consumer tech profile" what would be a good replacement? Obviously needs gigabit hardwired ports plus whatever the latest wireless standard is, but I'm interested to hear practical use case feature/benefit discussion. I'd also like to be able to easily stream my collection out to the internet so I can play media from wherever I might be... ease of configuration for this is a plus.

 

One note about a deficiency in my current router:

 

In years past I've sometimes had folks hack my wifi system (which has always used WPA2 encryption), or at least try to do so persistently enough that the router's built in security started flashing LEDs at me warning of security breach attempts. These aren't Iranian hackers or anything, but suburban teens with too much time on their hands.  After this, I enabled wifi MAC address filtering which promptly resolved the matter. All was well.

 

Until my son started having friends over, that come with their tablets, asking for the wifi code. I can set up a guest wifi access spot on my current router, but IT SHARES THE MAC ADDRESS SCREENING TABLE.  So, to get a guest device working, even on the guest SSID, I have to enter their mac address into the router. I need to get away from that... it's a PITA.

 

Ideally, I'd like to be able to configure MAC filtering separately for guest access versus the main network. It's also important that the guest wifi not have access to any other computers on my main network.

 

Probably all this stuff is standard now, but I figured I'd run it by you all.  I could also I suppose use the old router as a bridge / access point of sorts, plugged into my new router, so it would set up a completely separate wifi network, without much security other than WPA code, and be turned on (plugged in) only when guests are about the house... that would work, wouldn't it? Or would the "double router" be a problem?

 

Thanks in advance for your insights.

 

Marc

Edited by Marc_G
Link to comment
Share on other sites

Koleckai Silvestri

I use a Netgear 3700 for my upstairs Wifi network. It supports Network Isolation on any of the three networks it provides (2.4 Ghz, 5 Ghz, Guest). If enabled on the Guest network, they won't see other devices on the network. You also want to turn off Wifi Protected Access where you push a button on the client and a button on the router and they are connected. This is weak security. The PINs are easy to crack. Finally always use WPA2/AES if all your devices support it (most do these days). 

 
If you run multiple networks, you can also deter people for 30-60 seconds by not broadcasting your main SSID.
Link to comment
Share on other sites

Marc_G

Thanks. I'll investigate that model. I understand it has network isolation (yea!) but can you confirm that MAC filtering on one network doesn't have to globally apply to all the wifi networks?

 

Meanwhile, yeah, I disable WPA on the router. I understand the use of it, for non-techies, but it's a huge security hole. On the other hand, I used to not broadcast my SSID, but I had some devices that wouldn't connect if the SSID wasn't broadcast (even if I manually entered the SSID on the device, no connection). Apparently it doesn't add much security, and it's nonstandard, so I stopped doing it.

 

I'm in no rush so I'm hoping over the coming days others will pipe in with continued suggestions.

 

Thanks!

 

Marc

Link to comment
Share on other sites

Koleckai Silvestri

It does not differentiate the mac address list. You may need a custom firmware like DD-WRT, FreeWRT or Tomato.

Link to comment
Share on other sites

Spaceboy

I've got the same as Wayne with dd-wrt installed on it. I like it very much

 

 

Sent from my iPhone using Tapatalk

Link to comment
Share on other sites

Marc_G

So I did some research...

 

The 3700 appears to now go by the moniker N600 (WNDR3700). Easily available, like on Amazon. For about the same price I can also get the N750 (WNDR4300) which is similar with a few more whizbang features I might or might not use. Comparison is at the bottom of this page.

 

I've a bad habit of making things overly complex. The "dual handling for MAC filtering" might be a case of this. Let me research the implications of putting an un-MAC-filtered router on the same network, which is turned on only when guests are around. I think it's no big deal to do, with two possibilities:

 

1. Easy. Just put the "guest network" router into access point mode, and turn off it's MAC filtering, with a network name and WPA2 password distinct from the main house router. But, this may not easily let me keep that network zone distinct from the rest of my network.

2. Leave the guest network in true router mode, no mac filtering, and set up the guest network on it with an easy password. I think I have to change the subnet it uses to avoid conflicts... need to relearn networking stuff...

 

In either case, the guest router would be turned on via a power strip only when needed. So not much of a security hole.

 

Thoughts?

 

Marc

Link to comment
Share on other sites

Koleckai Silvestri

I am probably going to replace my downstairs router with the Netgear 4300. Currently I am using an ARRIS Modem/Gateway from the Cable Provider downstairs and I want to split those off and end up saving $8.00 a month on my cable bill. I haven't experienced many security problems in my neighborhood but then everyone seems to have their own routers as 14 networks show up on a WiFi scan. Though four of those are mine (upstairs, downstairs, roku 1 remote, roku 2 remote).

 

Turning the router on and off could prevent people from getting in. You would still need normal security while it is on. I had briefly tried MAC address filtering years ago and realized it wasn't feasible on a decent sized network. I would have needed some way to automate it like the cable companies do but then they have hundreds if not thousands of CSRs that can update that table as well.

 

If only I could find a decent home router without wireless access, I could do my network a little more to my satisfaction. In the end though, you need to get something that fits your requirements and allows growth on the network. I am happy with Netgear. Others like Linksys or TP-Link. 

Edited by Wayne Luke
Link to comment
Share on other sites

Marc_G

Yeah, I'm leaning toward using a secondary router without MAC filtering (but with regular WPA2 enabled, of course) for when guests are about the house, turned on and off via an easy to operate power switch (or plug, wife friendly in either case!), avoiding the need for super-specialized differentiated MAC handling.

 

So, if I get one of these nice Netgear routers, what's the benefit of the custom firmware? I'm aware that such exist (though, not ported to my current Belkin model, sigh). But not sure what I would get from them.

 

Thanks!

 

Marc

Link to comment
Share on other sites

fantaxp7

I use a pfsense machine and a wireless access point. Also I use the comcast modem for when guests come, that isn't connect to the LAN.

 

Also maybe consider a wireless AC modem.

Link to comment
Share on other sites

DeeMac

These are for the Prosumer....  asus rt-ac66 or the better, more expensive rt-ac68. Both can be upgraded to dd-wrt.

Link to comment
Share on other sites

JoshFink

I have to agree with the Asus routers. Top notch, there is a custom firmware that is "slightly" altered and based off the original that adds some nice features HERE. Mine has been stable, runs fast and no dropped connections.

 

The MAC address filtering thing seems like a pain to me honestly.I would get the new router and see if you still have the same problem. You'll find the newer routers can handle a lot more "issues".

 

Turn on the guest network and keep all of your home machines behind the non-guest network. 

Let us know how it goes. 

 

EDIT: By the way, I just checked my router and it lets you set the MAC Filter by wireless band. i.e. you can turn it on for 2.4ghz and off for 5ghz and such. Might help out. 

Edited by JoshFink
Link to comment
Share on other sites

  • 2 months later...
Marc_G

This is a bit of a necro-post, but I just ordered the Netgear WNDR4300.  I had put the project on hold for a while, but I recently built a new computer for the kids with one of those little button USB wifi network adaptors... and the thing refuses to connect to my Belkin router. Occasionally it will partially connect but no internet access. Even with MAC filtering off the issue continues.  The wifi adaptor connects right up to my cell phone in tether mode... so the adaptor is OK.  Got a manufacturer refurb via Amazon for $59.99... pretty good price.

 

After I've used it for a while I'll add my comments on it to close out the thread. :-)  Thanks to all for your participation!

Link to comment
Share on other sites

porkbone

Been using that same model for about 6 months now, and it has worked great for us. Have not had your hacking issues, so I can't report on the mac address filter settings since we don't use them. The 5ghz could have a better range, but a good router... so far.

 

there is a DD-WRT firmware available for it, but haven't gone that route yet.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...