RRAS vs. everything
-
I know lots of people use Ubiquiti Edge devices for their routers. But is anyone doing anything software level instead like RRAS or something different? If so, what are you using?
-
I've used Cisco PIX and their VPN before and SonicWall and the VPN.
Considering the cost of UBNT Edge Routers, for an SMB do you really want/need a more expensive solution?
RRAS is Windows based. $800+ Windows server license and hardware, considerably more expensive.Did you have something else in mind?
-
@Dashrender said in RRAS vs. everything:
I've used Cisco PIX and their VPN before and SonicWall and the VPN.
Considering the cost of UBNT Edge Routers, for an SMB do you really want/need a more expensive solution?
RRAS is Windows based. $800+ Windows server license and hardware, considerably more expensive.Did you have something else in mind?
Don't forget CALS
-
If you really wanted to do your own thing, you could do Linux and OpenVPN, but again, you're probably going to be higher cost than ER stuff, and power usage will almost certainly be higher (though I suppose you could run something on something like an Raspberry Pi).
-
@Dashrender said in RRAS vs. everything:
I've used Cisco PIX and their VPN before and SonicWall and the VPN.
Considering the cost of UBNT Edge Routers, for an SMB do you really want/need a more expensive solution?
RRAS is Windows based. $800+ Windows server license and hardware, considerably more expensive.Did you have something else in mind?
I guess software licensing is a toss up because some places provide keys for lots of things. Depending on if you're a partner, developer, etc. But you're right, for the average individual, RRAS costs money.
Nothing in mind. I get free Microsoft licensing through both work and school so I've been back and forth with RRAS. Right now I'm not using RRAS though because I sold my server to a local SMB. So I really just have nothing at the moment.
Doesn't have to be for SMB since I wouldn't recommend the cost of RRAS anyway. I was thinking about what the home enthusiast is running really.
-
I would hope a home enthusiast is trying to do real IT. And as such would want to use solutions like ER with VPN solutions. The Cisco ASA or others are all viable options as well, just a lot more money and mainly only gaining the name.
Considering the costs RRAS and it's ilk probably shouldn't be used unless you have a special case that is solves.
-
I thought about deploying RRAS for my now "six-feet-under" UAG, but I didn't want to buy new licenses and CALs. So I've went for SoftEther, a multiprotocol VPN server. The administration is a bit odd, but once you get used to it...
There are a few pitfalls: You can't use AD authentication when running on a Linux host, for example. RADIUS can help here.
From what I can tell from the few days I'm running it, SoftEther is doing a good job and works pretty well with the built-in Windows SSTP client.
PS: I've choosed SoftEther because it was the only available Linux SSTP server. SSTP was a hard requirement.
-
There's also viable Open Source tools that you can turn pretty much any Linux machine into a router... or install things like pfSense or Vyatta/VyOS on a box or VM for this as well. (Somebody correct me if I'm wrong, but aren't the Ubiquiti routers based on VyOS?)
-
@dafyre said in RRAS vs. everything:
There's also viable Open Source tools that you can turn pretty much any Linux machine into a router... or install things like pfSense or Vyatta/VyOS on a box or VM for this as well. (Somebody correct me if I'm wrong, but aren't the Ubiquiti routers based on VyOS?)
Yes they are a fork of VyOS.
-
@thwr said in RRAS vs. everything:
I thought about deploying RRAS for my now "six-feet-under" UAG, but I didn't want to buy new licenses and CALs. So I've went for SoftEther, a multiprotocol VPN server. The administration is a bit odd, but once you get used to it...
There are a few pitfalls: You can't use AD authentication when running on a Linux host, for example. RADIUS can help here.
From what I can tell from the few days I'm running it, SoftEther is doing a good job and works pretty well with the built-in Windows SSTP client.
PS: I've choosed SoftEther because it was the only available Linux SSTP server. SSTP was a hard requirement.
That's an interesting requirement. How old of Windows are they running? Doesn't Windows 8 and newer support IPSec VPN?
-
@coliver said in RRAS vs. everything:
@dafyre said in RRAS vs. everything:
There's also viable Open Source tools that you can turn pretty much any Linux machine into a router... or install things like pfSense or Vyatta/VyOS on a box or VM for this as well. (Somebody correct me if I'm wrong, but aren't the Ubiquiti routers based on VyOS?)
Yes they are a fork of VyOS.
No. They are a fork of Vyatta. VyOS is also a fork of Vyatta.
-
Well, @scottalanmiller's normal suggestion is VyOS when talking about setting up your own software router. Someone want to give a few details of that SuperMicro running the NTG lab? (40gbps routing for not gobs of cash make me happy.)
-
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
-
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
-
@travisdh1 said in RRAS vs. everything:
Well, @scottalanmiller's normal suggestion is VyOS when talking about setting up your own software router. Someone want to give a few details of that SuperMicro running the NTG lab? (40gbps routing for not gobs of cash make me happy.)
It's a 1U SuperMicro with a quad core Xeon with hyperthreading and 12GB RAM. Latest VyOS installed on hardware RAID 10 with an LSI controller and I think 512MB cache. No need for that hardware RAID, it was already in the box so we didn't remove it
-
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Yes it does.
-
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
-
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
-
@travisdh1 said in RRAS vs. everything:
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
No, the ER-X is not a cable modem. It doesn't have a coax input. But it does replace a router when possible.
-
@travisdh1 said in RRAS vs. everything:
@scottalanmiller said in RRAS vs. everything:
@travisdh1 said in RRAS vs. everything:
@alex.olynyk said in RRAS vs. everything:
I know this is off-topic but for those of you using Ubiquiti ER-X for your home router, does that replace your cable/FIOS router?
Or does it sit behind it?
It sits behind it. It is only an Ethernet router. The ER-X can only forward ~500mbps, so be aware of that if you're lucky enough to have fiber!
Why behind it? That's an extra hop and more things to fail. We only do "behind it" when doing portable networks, which is rare.
So it's a cable modem now?
A modem and a router are very different things. The question was replacing a router, and the answer is "yes", don't keep an extra router just to have an extra router. That you have a bridge for media transition is a different question and is a bridge function, not a routing one.
For FiOS, there is no bridge (what you call modem), it's direct ethernet, so ONLY a router... which you should always remove.