Suggestions on a VPN Solution
-
@scottalanmiller typing the better answer while I was on the shitter...
-
@JaredBusch said in Suggestions on a VPN Solution:
Do not use the ERX, without a console port, you lose troubleshooting.
While this is true, I don't think it's a real problem. If you have to go for console access, you have to go onsite anyway - then just reset it and restore the settings from your backup. I wouldn't worry about trouble shooting in this cost range.
-
@Dashrender said in Suggestions on a VPN Solution:
@JaredBusch said in Suggestions on a VPN Solution:
Do not use the ERX, without a console port, you lose troubleshooting.
While this is true, I don't think it's a real problem. If you have to go for console access, you have to go onsite anyway - then just reset it and restore the settings from your backup. I wouldn't worry about trouble shooting in this cost range.
The ERX is not something I would use in a business. It works great for a home office but not for a business.
-
Why not?
-
@Carnival-Boy said in Suggestions on a VPN Solution:
Why not?
Other than the console port - which I don't personally agree with, I'm also curious why you don't like the ER-X in business? It's half the cost of the ERL.
-
They also have an ER-X now that has a SFP port which I thought was interesting.
-
But I think the big one is that you don't want your firewall to handle switching. You should have an independent dedicated switch for that task.
-
So don't have your ER-X handle switching.
-
@coliver said in Suggestions on a VPN Solution:
They also have an ER-X now that has a SFP port which I thought was interesting.
I'm using one to enable complete separation of our radiology network. Incoming connection to external provider (ethernet) -> ER-X -> (Fiber) to EdgeSwtch -> radiology equipment.
I'm also using an ER-X for my guess network on it's own ISP connection.
-
@coliver said in Suggestions on a VPN Solution:
But I think the big one is that you don't want your firewall to handle switching. You should have an independent dedicated switch for that task.
What's the concern here? The ER-X specifically has a switch chip in it, where the ERL and ER8 don't. Granted I probably wouldn't use the ER-X in a 15+ user environment (though even then that's completely arbitrary and I should only care about bandwidth throughput, not number of users).
-
@Dashrender said in Suggestions on a VPN Solution:
Granted I probably wouldn't use the ER-X in a 15+ user environment
Oh I only bought one on your recommendation
-
Don't get me wrong, the ER-X is a great device. I have a number of them in the field. But all in home offices. That is its designed use case.
Can you use it elsewhere? Sure.
I specifically do not recommend it in any business office because you will almost always need more switch ports at some point.
Also, the ER-X is less powerful than the ERL over all and it has way less storage. SO if you think you are ever going to tweak your system or anything, then you will quickly run into limitations.
It is a great device for its purpose. That purpose is a home office or very, very tiny satellite office.
But if you think you will ever use a second switch, then don't buy it. Buy the ERL and a switch.
-
@JaredBusch said in Suggestions on a VPN Solution:
Don't get me wrong, the ER-X is a great device. I have a number of them in the field. But all in home offices. That is its designed use case.
Can you use it elsewhere? Sure.
I specifically do not recommend it in any business office because you will almost always need more switch ports at some point.
Also, the ER-X is less powerful than the ERL over all and it has way less storage. SO if you think you are ever going to tweak your system or anything, then you will quickly run into limitations.
It is a great device for its purpose. That purpose is a home office or very, very tiny satellite office.
But if you think you will ever use a second switch, then don't buy it. Buy the ERL and a switch.
See I see what you're listing as planning for the future. Sure you might need more, and when you do buy the bigger think then, and sell the old one for $20, or whatever.
If you need more at the start, absolutely buy the right thing, but if you are tiny, the adage is, buy what you need for today, as tomorrow may never come.
-
@Dashrender said in Suggestions on a VPN Solution:
@JaredBusch said in Suggestions on a VPN Solution:
Don't get me wrong, the ER-X is a great device. I have a number of them in the field. But all in home offices. That is its designed use case.
Can you use it elsewhere? Sure.
I specifically do not recommend it in any business office because you will almost always need more switch ports at some point.
Also, the ER-X is less powerful than the ERL over all and it has way less storage. SO if you think you are ever going to tweak your system or anything, then you will quickly run into limitations.
It is a great device for its purpose. That purpose is a home office or very, very tiny satellite office.
But if you think you will ever use a second switch, then don't buy it. Buy the ERL and a switch.
See I see what you're listing as planning for the future. Sure you might need more, and when you do buy the bigger think then, and sell the old one for $20, or whatever.
If you need more at the start, absolutely buy the right thing, but if you are tiny, the adage is, buy what you need for today, as tomorrow may never come.
Waste of time. You will spend more in man hours for that than the $20 you get for selling. Not to mention the tax notations and accounting.
Also it is not planning for the future. It is planning correctly. Don't use a switch on your damned router.
-
@Dashrender said in Suggestions on a VPN Solution:
@coliver said in Suggestions on a VPN Solution:
But I think the big one is that you don't want your firewall to handle switching. You should have an independent dedicated switch for that task.
What's the concern here? The ER-X specifically has a switch chip in it, where the ERL and ER8 don't. Granted I probably wouldn't use the ER-X in a 15+ user environment (though even then that's completely arbitrary and I should only care about bandwidth throughput, not number of users).
It's just not good practice to mash everything into an "all in one" device. You'd never want an AP in your router, and an AP is just a wireless switch. Keep your devices lean and purposeful.
-
@scottalanmiller said in Suggestions on a VPN Solution:
@Dashrender said in Suggestions on a VPN Solution:
@coliver said in Suggestions on a VPN Solution:
But I think the big one is that you don't want your firewall to handle switching. You should have an independent dedicated switch for that task.
What's the concern here? The ER-X specifically has a switch chip in it, where the ERL and ER8 don't. Granted I probably wouldn't use the ER-X in a 15+ user environment (though even then that's completely arbitrary and I should only care about bandwidth throughput, not number of users).
It's just not good practice to mash everything into an "all in one" device. You'd never want an AP in your router, and an AP is just a wireless switch. Keep your devices lean and purposeful.
Agreed!
I plan to go with the ERL at both sites, the main site already has a separate switch from the Netgear router, so it'll be a drop in replacement there. At the remote site, I will use the ERL with an 8 port gigabit switch and add in a ubiquiti AP for wireless. Keeps it simple and modular.
-
@jrc said in Suggestions on a VPN Solution:
@scottalanmiller said in Suggestions on a VPN Solution:
@Dashrender said in Suggestions on a VPN Solution:
@coliver said in Suggestions on a VPN Solution:
But I think the big one is that you don't want your firewall to handle switching. You should have an independent dedicated switch for that task.
What's the concern here? The ER-X specifically has a switch chip in it, where the ERL and ER8 don't. Granted I probably wouldn't use the ER-X in a 15+ user environment (though even then that's completely arbitrary and I should only care about bandwidth throughput, not number of users).
It's just not good practice to mash everything into an "all in one" device. You'd never want an AP in your router, and an AP is just a wireless switch. Keep your devices lean and purposeful.
Agreed!
I plan to go with the ERL at both sites, the main site already has a separate switch from the Netgear router, so it'll be a drop in replacement there. At the remote site, I will use the ERL with an 8 port gigabit switch and add in a ubiquiti AP for wireless. Keeps it simple and modular.
Sounds like the right choice.