I hope this is the right forum to post in - maybe I should have gone to RouterBOARD hardware?
I’m thinking about replacing all my different routers and accesspoints with RouterOS based devices.
Today I’m using a Jetway JBC375F533 device with pfSense together with Unifi AP’s and its working fine, but I need to tie a few locations together.
I have a few specific needs that I would really like this new solution to handle. No more than 10 users for now, but backups needs to be copied between locations.
For my central location I was thinking about the hAP ac - or maybe just load RouterOS on my previous firewall solution and then add 1-2 wAP ac’s on the ceiling to get wireless coverage.
I have another location I where would like to create a “drop in” network that would dial back to the central location via VPN. The thing is I have no control over the choice of ISP and router at this location, but would simply place my own router behind the ISP provided router and then dial home to central. I was thinking about the hAP or hAP ac lite for this task.
Maybe a third location like the above in the near future.
Along similar lines I would like to use the mAP like a travelrouter - let it connect to whatever is close (hotel, airport, etc) and then create a private network behind this device with VPN dial back to central. Will it be possible to connect to the internet using wireless and at the same time create a private wireless network behind that + vpn dialback to the central location?
I was looking for a way to create all this using the same OS and interface and I think this just might work with Mikrotik stuff.
Do you have any insights or comments on this? Anything is appreciated. Maybe some of you have done something similar?
Depending on the size of the area to be covered, a single Hap AC will do. What’s the internet bandwidth available? How do you get your public IP from the ISP, by PPPoE or DHCP?
For such low user count, you will get along with just two wAP acs + Hex and have plenty of power to spare depending on available bandwidth.
I rarely use ROS on x86 for these kind of application, the cost of a suitable Routerboard device already includes the license, and will probably be on par with the x86 standalone license alone. That’s not taking into account power draw, hardware reliability, etc.
That jetway may make a good central router for VPN access concentrator; I’d first download ROS for x86 and test that i211 ethernets are recognized fine. You may use that ROS unlicensed for 24 hours to test.
I have another location I where would like to create a “drop in” network that would dial back to the central location via VPN. The thing is I have no control over the choice of ISP and router at this location, but would simply place my own router behind the ISP provided router and then dial home to central. I was thinking about the hAP or hAP ac lite for this task.
Maybe a third location like the above in the near future.
Yes, that will work w/o problems if you need to provide Wireless; if not, then a RB750Gr3 (Hex) will be a good choice (hardware accelerated IPSec)
Along similar lines I would like to use the mAP like a travelrouter - let it connect to whatever is close (hotel, airport, etc) and then create a private network behind this device with VPN dial back to central. Will it be possible to connect to the internet using wireless and at the same time create a private wireless network behind that + vpn dialback to the central location?
Yes, it is possible.
I was looking for a way to create all this using the same OS and interface and I think this just might work with Mikrotik stuff.
Do you have any insights or comments on this? Anything is appreciated. Maybe some of you have done something similar?
That’s a sound reasoning. Yes, have done similar things, do some searches on the forum and should find all kind of similar scenarios. Using http://wiki.mikrotik.com/wiki/Main_Page will help too.
On the central location I have VDSL 70/20 so not really that much. Public Static IP’s are delivered by DCHP or can be configured manually. I have 3 IPv4 addresses and a /48 IPv6 network as well.
The remote locations are typically not having static IP’s and I’m not sure how they get their public IP’s. It could be some *DSL tech or cable modem perhaps. They are most likely not static and I was hoping to avoid all these complications by placing my router behind whatever they provide. I know this will be NAT on NAT, but I guess it should no be a problem.
Yeah - I see your point. I just figured since I already have the hardware… But maybe I’m better off using this for something else and just buy an appropriate RouterBOARD device instead
Using the latter option I can create a complete setup in parallel without disturbing whats running now, so I just might go that way…
That was a really great confirmation - will work with this. Thanks.
@pukkita: Thank you very much for your replies - much appreciated.
That’s the best possible scenario, asked about this because a 1Gbps fiber uplink by PPPoE will put a tax on the router CPU, which isn’t the case. You’ll be fine with a single hAP ac if the area can be covered wirelessly.
You’re welcome!
I use a mAP myself as a lab router, and as my travelrouter. You’ll be impressed by all the functionality that is packed inside such tiny router.
Obviously it is limited by CPU, but otherwise it has all the same RouterOS features available on any routerboard with an L4 license. You can even power it with any typical USB external battery for quite some time.
I understand your point - the right tool for the right job and all that…
Again thanks for your comments - you kind of pushed me over the edge
I’ve actually come across Mikrotik several time over the years but never gotten around to actually work with them. So now I’ve gone and bought a few to get things going.
I decided to buy the hEX for the central location and will add a wAP ac later (those two are almost the same price as the hAP ac and more flexible to place), leaving the now running system in place while I get to know RouterOS. I grabbed a hAP ac lite for the remote location. I also bought a couple of mAP lite’s for “fun” (read: testing and travel)
