Networking for a new home

Thank you for sharing. Honestly, while I have used the central management, I have never used or enabled the cloud functionality. The central management from a local machine worked fine for the client's requirement. I am using a software-based controller which runs in a virtual machine.

The problem of the devices getting detected is often a combination of the version of the controller and the revision of the firmware installed on the device. If you get a chance, first update all devices to the latest firmware and then try the different versions of the (software) controller in a VM.

You can get the best of both worlds by using a pfsense or mikrotik gateway for the best VPN performance while using Omada only to manage the wifi. It is no contest when we put an x86 machine against the embedded platform.

When a static IP and/or inbound VPN is available, I prefer never to use a 3rd-party or manufacturer cloud service when a static IP is available, and never to open ports when an inbound VPN is available.

pfsense was my first choice, but if something goes wrong at the place where the setup is deployed, they cannot fix it, especially the complex VPN setup of pfsense. Neither the ISP people there nor the local IT technicians can either, so it was best to use something with a very simple UI/commercial, designed for non-tech-adept users.
 
New versions of pfsense can be configured to take an (automatic) backup on every configuration change. Even a non-technical person can restore the XML file. The backup can even be stored on netgate cloud. https://docs.netgate.com/pfsense/en/latest/backup/autoconfigbackup.html

If you have a static IP and (pre)configure an incoming VPN, it is very easy to remote-admin, without any 3rd-party cloud service.

Actually, I am using pfsense along with Omada for purely the wifi part. The Omada has been quite satisfactory managing the wifi. Firewall access is restricted to responsible and technical persons only, especially since it does not require fiddling every time. You can even lock it down so only a particular machine can access the firewall. This offers the best of both worlds because tampering with the firewall can be restricted while the local technician can be given access to the omada controller and wifi.

But agreed, if the location has people who tinker with the firewall without knowing its operation, it's best to keep it simple.
 
The people where this is deployed are too non-tech-adept, so something easy like omada was the best. Plus, we only need the VPN occasionally if someone wants to WFH. Performance is okay: we get 5-6 mbps up/down on a 10*/100 up/down connection; my x86 machine on the same ISP gets 9 mbps. 5-6 mbps is enough for the use case; they simply use it occasionally to connect to the office LAN for the file server while WFH, that is it.
 
Wired cabling solutions, specifically Power over Ethernet (PoE) options, are an all-inclusive solution. Wifi and mesh suck howsoever hard you try, because Indian homes use brick and concrete, which just kills wifi speeds. In foreign countries most construction is wood and false walls, which is excellent for wifi stretch. Since you have a choice, get a gigabit Cisco enterprise switch for the entire house. Connect your modem to it and you'll thank me later for that decision. Non-enterprise solutions will kill your speeds and put additional latency in your network. Remember, you're building the house now for the future. Things using the internet will just keep going up. You gotta cater for that. So give a port or two everywhere, even though it's not active. Use high-grade shielded Cat 8 cables to cater for the future speed requirements. Once you put in the cabling, it's gonna be there for a long while. Best to get a solution provider to do this for you rather than doing it yourself. They understand and do a better job once you give them your requirements clearly.
 