Ubiquiti Security Gateway

coliver

@fateknollogee said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

How's the VPN performance on the ERL?

Anyone??

Last I heard it's pretty decent. I haven't tested it myself.

JaredBusch

@fateknollogee said in Ubiquiti Security Gateway:

How's the VPN performance on the ERL?

The answer is "it depends" of course.

OpenVPN maxes out at ~12mbps due to processor constraints.

Offloaded IPSEC can do north of 100mbps, this thread has some postings.
https://community.ubnt.com/t5/EdgeMAX/ERL-Performance-Testing-with-IPSec-VPN/td-p/1050229

If you have any kind of traffic shaping policies enabled though, you will lose all offload capability and thus lose performance.

Using IPSEC and one method of traffic policy, I can only get roughly 35mbps. Using another form of traffic policy I can get 65mpbs.

Mike Davis

I like the ER X for home use because you can get the PoE model and run a couple APs (even the 24v passive ones) off it and not have to have an injector or PoE switch for it. Makes for a clean low power draw install.

Dashrender

@mike-davis said in Ubiquiti Security Gateway:

I like the ER X for home use because you can get the PoE model and run a couple APs (even the 24v passive ones) off it and not have to have an injector or PoE switch for it. Makes for a clean low power draw install.

I tried this, and after a few months, the included power brick was long longer providing enough power to the ER-X to power the ER-X and a UAP-AC Lite. To keep from having to buy anything, I just put the UAP-AC Lite's power injector back into play.

Did you replace the power brick?

Mike Davis

@dashrender I haven't had to replace it yet. CAT 6 23 gauge cable?

Dashrender

@mike-davis said in Ubiquiti Security Gateway:

@dashrender I haven't had to replace it yet. CAT 6 23 gauge cable?

If you're asking what kind of cable went from the ER-X to my UAP-AC Lite, it was a Cat 5e. You really think the Cat 6 makes that much of a difference over 6 ft?

Mike Davis

@dashrender > If you're asking what kind of cable went from the ER-X to my UAP-AC Lite, it was a Cat 5e. You really think the Cat 6 makes that much of a difference over 6 ft?

If your AP is 6' away, then no, I don't think that would matter. I was thinking of a couple of them further away on longer runs. The higher gauge cable might increase the heat enough to smoke a small PoE injector. In theory it shouldn't matter, I'm just trying to guess as to what happened with yours.

Dashrender

@mike-davis said in Ubiquiti Security Gateway:

@dashrender > If you're asking what kind of cable went from the ER-X to my UAP-AC Lite, it was a Cat 5e. You really think the Cat 6 makes that much of a difference over 6 ft?

If your AP is 6' away, then no, I don't think that would matter. I was thinking of a couple of them further away on longer runs. The higher gauge cable might increase the heat enough to smoke a small PoE injector. In theory it shouldn't matter, I'm just trying to guess as to what happened with yours.

Are you using the POE injector that came with your UAP to power your ER-X and UAP?

How are you powering more than one UAP through a ER-X? there is only one POE output port on the ER-X.

JaredBusch

@mike-davis said in Ubiquiti Security Gateway:

I like the ER X for home use because you can get the PoE model and run a couple APs (even the 24v passive ones) off it and not have to have an injector or PoE switch for it. Makes for a clean low power draw install.

This is completely incorrect.

The ER-X has a single passtrough PoE port (eth4). With a wall wart other than the one provided, you can also use that same port (eth4) to power an access point without a PoE injector powering the ER-X itself.

Dashrender

@jaredbusch said in Ubiquiti Security Gateway:

@mike-davis said in Ubiquiti Security Gateway:

I like the ER X for home use because you can get the PoE model and run a couple APs (even the 24v passive ones) off it and not have to have an injector or PoE switch for it. Makes for a clean low power draw install.

This is completely incorrect.

The ER-X has a single passtrough PoE port (eth4). With a wall wart other than the one provided, you can also use that same port (eth4) to power an access point without a PoE injector powering the ER-X itself.

It does (at least for a while) work with the included wall wart - but as noted, at some point it failed for me.

JaredBusch

@dashrender said in Ubiquiti Security Gateway:

@jaredbusch said in Ubiquiti Security Gateway:

@mike-davis said in Ubiquiti Security Gateway:

I like the ER X for home use because you can get the PoE model and run a couple APs (even the 24v passive ones) off it and not have to have an injector or PoE switch for it. Makes for a clean low power draw install.

This is completely incorrect.

The ER-X has a single passtrough PoE port (eth4). With a wall wart other than the one provided, you can also use that same port (eth4) to power an access point without a PoE injector powering the ER-X itself.

It does (at least for a while) work with the included wall wart - but as noted, at some point it failed for me.

Lots of things work, but it is not intened to work that way and using it as such is at your own risk.

Mike Davis

@jaredbusch said in Ubiquiti Security Gateway:

@mike-davis said in Ubiquiti Security Gateway:

I like the ER X for home use because you can get the PoE model and run a couple APs (even the 24v passive ones) off it and not have to have an injector or PoE switch for it. Makes for a clean low power draw install.

This is completely incorrect.

The ER-X has a single passtrough PoE port (eth4). With a wall wart other than the one provided, you can also use that same port (eth4) to power an access point without a PoE injector powering the ER-X itself.

I was sure I had a ER X PoE, but you're right, it's a ER PoE. OK, so for a clean home install, get a ER PoE...

JaredBusch

@mike-davis said in Ubiquiti Security Gateway:

I was sure I had a ER X PoE,

There is no such product, so that would be your problem.

anthonyh

I saw the EdgeRouter PoE mentioned here and just thought I'd chime in with nothing useful...

I just ordered one of these for my house. Found one pre-owned on eBay for $95. The seller appeared reputable and the sale included a 30 day return policy. To be safe though, I am planning on re-flashing the firmware so there is less chance of any funny business going on. Figured it was worth the gamble at any rate.

The only thing that turns me off regarding the Unifi Security Gateway is the way you have to manage it. Correct me if I'm wrong, but I believe you either have to run the Unifi management console somewhere or use their cloud management platform. Neither of those options are appealing to me which is why I opted for the ERPoE-5.

Dashrender

@anthonyh said in Ubiquiti Security Gateway:

The only thing that turns me off regarding the Unifi Security Gateway is the way you have to manage it. Correct me if I'm wrong, but I believe you either have to run the Unifi management console somewhere or use their cloud management platform. Neither of those options are appealing to me which is why I opted for the ERPoE-5.

Correct, at least in regards to using the Unifi Controller software. This to me is only a hassle because of the lack of feature access via that interface. You can get access to most of the same features via a config file that has to be stored on the controller, which the USG downloads upon each refresh.. but it's still not at 100% feature parity to the ER series.

FATeknollogee

@scottalanmiller said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

How's the VPN performance on the ERL?

Anyone??

I don't use VPNs

LANless world for me.

What if users are connecting via ZeroTier. Is this device able to handle multiple users connecting to resources behind it?

Dashrender

@fateknollogee said in Ubiquiti Security Gateway:

@scottalanmiller said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

How's the VPN performance on the ERL?

Anyone??

I don't use VPNs

LANless world for me.

What if users are connecting via ZeroTier. Is this device able to handle multiple users connecting to resources behind it?

To the ERL it's just normal traffic.

scottalanmiller

@fateknollogee said in Ubiquiti Security Gateway:

@scottalanmiller said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

How's the VPN performance on the ERL?

Anyone??

I don't use VPNs

LANless world for me.

What if users are connecting via ZeroTier. Is this device able to handle multiple users connecting to resources behind it?

Do you mean... is it a router? Networking gear is not aware of users, that's not a thing. Routers just process packets one direction or the other. That's all that they do.

scottalanmiller

@dashrender said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

@scottalanmiller said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

@fateknollogee said in Ubiquiti Security Gateway:

How's the VPN performance on the ERL?

Anyone??

I don't use VPNs

LANless world for me.

What if users are connecting via ZeroTier. Is this device able to handle multiple users connecting to resources behind it?

To the ERL it's just normal traffic.

Yup, ZeroTier looks basically like just another website.

FATeknollogee

Old school VPN usage (eg, site-to-site) can be a problem
but
New school VPN usage (eg, ZeroTier) is not a problem.

Is this a correct statement?