Community discussions

 
gianlu
just joined
Topic Author
Posts: 4
Joined: Wed Jul 03, 2019 6:19 pm
Location: Italy

How to choose proper Mikrotik hardware

Wed Jul 03, 2019 7:37 pm

Hello Everyone,

I'm not sure if I'm posting in the correct session, if not, please apologise me.
I'm writing here because I need to buy a Mikrotik device to use in my home network and I was not able to find any good info on how to choose the rigth one for me.
I work for aService Provider as a Networking specialist, so I know about the networking world but we never use mikrotik device (Only Cisco, HPE, Check Point and Fortinet but they are too expensive for a home network)
As attachment you can find a very basic layout of how I want my network to be.
Needed point:
- I have a server (ESX Host) at home, I want to be able to create different Vlans with different IP subnets for the different virtual server that I will use.
- The servers will not be published on the internet, people must be able to connect with a Client VPN from they PC (Only software on the remote site, no hardare device, not a Site-to-Site VPN)
- The router must be able to handle around 6 to 10 people connected at the same time via VPN
- I have a theoretical 100Mb/s internet connection, in reality it goes at around 40Mb/s, I wish to being able to use all or at least the major part of it for the VPN traffic (To be more clear, I don't want a device that is able to handle 50Mb/s troughput but only 10Mb/s of encrypted troughput, I want a device that is able to use all my bandwith for encripted traffic if necessary)
- I want to being able of have multiple profiles of VPN that allow access on different subnet (In Cisco is called "Split Tunnel" I do not know how is it called elsewhere. To be more clear: I will have different types of servers on the ESX Host, for example I will have "games" server on the "games" vlan and "development" server on the "development" subnet, I wish that friends who need to play games will only have access to games vlan and friends who need to access development server only access that vlan)
- Still refering to the point above, people must use their own connection to surf the internet, traffic must go trough the VPN tunnel only if is directed to the servers.

I think I have pointed out all of my needs.
Many thanks to anyone that will help me choose the rigth device.

Regards,
Gianluca
You do not have the required permissions to view the files attached to this post.
 
anav
Forum Guru
Forum Guru
Posts: 3134
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: How to choose proper Mikrotik hardware

Thu Jul 04, 2019 4:45 am

Well I would look at something that has ipsec in the hardware so anything like a routerboard RGB450Gx4 or an RB4011 should be models to start considering.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
gianlu
just joined
Topic Author
Posts: 4
Joined: Wed Jul 03, 2019 6:19 pm
Location: Italy

Re: How to choose proper Mikrotik hardware

Thu Jul 04, 2019 10:58 am

Well I would look at something that has ipsec in the hardware so anything like a routerboard RGB450Gx4 or an RB4011 should be models to start considering.
Hello Anav,

Many thanks for your reply.
Searching on google for "RGB450Gx4" doesn't give me back any result, removing the "x4" give me the hEX page. Is that rigth?
I have seen that there is also a model called hEX S that have IPSec hardware, but by looking at the section "Test Result" all the value looks to be the same.
Can you please clarify me more? As told in the original post, I'm familiar with Networking, but not with MikroTik Devices.

I have also serched for RB4011, it looks great and it would be fantastic if my internet connection really goes up to 100Mb/s, unfortunately for now it's only around 40Mb/s and I do not expect that to improve for the next couple of years.

Regards,
Gianluca
 
mkx
Forum Guru
Forum Guru
Posts: 3223
Joined: Thu Mar 03, 2016 10:23 pm

Re: How to choose proper Mikrotik hardware

Thu Jul 04, 2019 1:26 pm

@anav pressed 'G' once too many. He meant to type RB450Gx4.

When looking at test results, check the lower-right part of the table ... there things make some difference. E.g. routing 25 filter rules, 64 byte packets - RB450Gx4 118Mbps, RB750Gr3 48Mbps. IPsec performs similarly on these two devices.
BR,
Metod
 
gianlu
just joined
Topic Author
Posts: 4
Joined: Wed Jul 03, 2019 6:19 pm
Location: Italy

Re: How to choose proper Mikrotik hardware

Thu Jul 04, 2019 4:51 pm

@anav pressed 'G' once too many. He meant to type RB450Gx4.

When looking at test results, check the lower-right part of the table ... there things make some difference. E.g. routing 25 filter rules, 64 byte packets - RB450Gx4 118Mbps, RB750Gr3 48Mbps. IPsec performs similarly on these two devices.
Hi Mkx,

Many thanks for the reply, Now I can see the correct device ;)
The Test result looks good for my internet connectivity, can you please confirm that on the "software" side, routerOS is capable of the request I have made in the first post?
Especially the VPN part that is crucial for me:
"
- I want to being able of have multiple profiles of VPN that allow access on different subnet (In Cisco is called "Split Tunnel" I do not know how is it called elsewhere. To be more clear: I will have different types of servers on the ESX Host, for example I will have "games" server on the "games" vlan and "development" server on the "development" subnet, I wish that friends who need to play games will only have access to games vlan and friends who need to access development server only access that vlan)
- Still refering to the point above, people must use their own connection to surf the internet, traffic must go trough the VPN tunnel only if is directed to the servers.
"
Is there a limit to the number of people connected?
Are there some license that must be used?

Again, many thanks for your time,
Regards,
Gianluca

Who is online

Users browsing this forum: No registered users and 29 guests