RRAS vs. everything
-
I would hope a home enthusiast is trying to do real IT. And as such would want to use solutions like ER with VPN solutions. The Cisco ASA or others are all viable options as well, just a lot more money and mainly only gaining the name.
Considering the costs RRAS and it's ilk probably shouldn't be used unless you have a special case that is solves.
-
I thought about deploying RRAS for my now "six-feet-under" UAG, but I didn't want to buy new licenses and CALs. So I've went for SoftEther, a multiprotocol VPN server. The administration is a bit odd, but once you get used to it...
There are a few pitfalls: You can't use AD authentication when running on a Linux host, for example. RADIUS can help here.
From what I can tell from the few days I'm running it, SoftEther is doing a good job and works pretty well with the built-in Windows SSTP client.
PS: I've choosed SoftEther because it was the only available Linux SSTP server. SSTP was a hard requirement.
-
There's also viable Open Source tools that you can turn pretty much any Linux machine into a router... or install things like pfSense or Vyatta/VyOS on a box or VM for this as well. (Somebody correct me if I'm wrong, but aren't the Ubiquiti routers based on VyOS?)
-
@dafyre said in RRAS vs. everything:
There's also viable Open Source tools that you can turn pretty much any Linux machine into a router... or install things like pfSense or Vyatta/VyOS on a box or VM for this as well. (Somebody correct me if I'm wrong, but aren't the Ubiquiti routers based on VyOS?)
Yes they are a fork of VyOS.
-
@thwr said in RRAS vs. everything:
I thought about deploying RRAS for my now "six-feet-under" UAG, but I didn't want to buy new licenses and CALs. So I've went for SoftEther, a multiprotocol VPN server. The administration is a bit odd, but once you get used to it...
There are a few pitfalls: You can't use AD authentication when running on a Linux host, for example. RADIUS can help here.
From what I can tell from the few days I'm running it, SoftEther is doing a good job and works pretty well with the built-in Windows SSTP client.
PS: I've choosed SoftEther because it was the only available Linux SSTP server. SSTP was a hard requirement.
That's an interesting requirement. How old of Windows are they running? Doesn't Windows 8 and newer support IPSec VPN?
-
@coliver said in RRAS vs. everything:
@dafyre said in RRAS vs. everything:
There's also viable Open Source tools that you can turn pretty much any Linux machine into a router... or install things like pfSense or Vyatta/VyOS on a box or VM for this as well. (Somebody correct me if I'm wrong, but aren't the Ubiquiti routers based on VyOS?)
Yes they are a fork of VyOS.
No. They are a fork of Vyatta. VyOS is also a fork of Vyatta.
-
Well, @scottalanmiller's normal suggestion is VyOS when talking about setting up your own software router. Someone want to give a few details of that SuperMicro running the NTG lab? (40gbps routing for not gobs of cash make me happy.)
-
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
-
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
-
@travisdh1 said in RRAS vs. everything:
Well, @scottalanmiller's normal suggestion is VyOS when talking about setting up your own software router. Someone want to give a few details of that SuperMicro running the NTG lab? (40gbps routing for not gobs of cash make me happy.)
It's a 1U SuperMicro with a quad core Xeon with hyperthreading and 12GB RAM. Latest VyOS installed on hardware RAID 10 with an LSI controller and I think 512MB cache. No need for that hardware RAID, it was already in the box so we didn't remove it
-
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Yes it does.
-
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
-
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
-
@travisdh1 said in RRAS vs. everything:
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
No, the ER-X is not a cable modem. It doesn't have a coax input. But it does replace a router when possible.
-
@travisdh1 said in RRAS vs. everything:
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
A modem and a router are very different things. The question was replacing a router, and the answer is "yes", don't keep an extra router just to have an extra router. That you have a bridge for media transition is a different question and is a bridge function, not a routing one.
For FiOS, there is no bridge (what you call modem), it's direct ethernet, so ONLY a router... which you should always remove.
-
@Dashrender said in RRAS vs. everything:
But it does replace a router when possible.
Which is always possible. It's only a bridge that it can only replace sometimes
-
@Dashrender said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
No, the ER-X is not a cable modem. It doesn't have a coax input. But it does replace a router when possible.
In a lot of cases, ISPs are now supplying cable modem/router/wifi all in one devices to customers. Cox for example now does this if you want - OR you can get a plain cable modem that has no router/firewall/wifi options and supply your own.
i don't know how FIOS works, it's not in my city, so I've never seen one. Is the FIOS box similar to a plain cable modem with no other features, or is it at least an option? if not, do they have the option to put it into bridge mode basically turning off all of those features?
-
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
A modem and a router are very different things. The question was replacing a router, and the answer is "yes", don't keep an extra router just to have an extra router. That you have a bridge for media transition is a different question and is a bridge function, not a routing one.
For FiOS, there is no bridge (what you call modem), it's direct ethernet, so ONLY a router... which you should always remove.
Ah, I completely missed the router instead of modem, apparently I'm a little bit distracted this morning
-
@scottalanmiller So if I am getting FIOS I can use the ER-X instead of the FIOS router supplied by Frontier?
-
@Dashrender said in RRAS vs. everything:
In a lot of cases, ISPs are now supplying cable modem/router/wifi all in one devices to customers.
But it is always the bridge, not the routing, functions that you need from them. And in those cases, you can almost always disable everything but the bridge.
