I just moved into a new house.
The fiber technician is done and now I just need a new Router!
So I want some help picking a prebuild or parts for a home router on a budget.
It does not have to be business-grade or more, but only for my home use.
My ISP supplied me with some temporary hardware that will not suffice.
My needs for the router is:
Site2Site VPN
VPN server
Port forwarding
Telemetry
My budget is around 1.5 to 2000 DKK which is around 300 USD.
Your title says OPNsense, but in the OP you don’t really make a case for it. If you want to experiment with OPNsese or pfSense, just build a PC with an AsRock J3455M or better and get a quad-port Intel 1 Gbps NIC. I found that the Realtek on the AsRock works ok with pfSense (I’ve used it for ~4 years as WAN).
However, if you don’t really care about experimenting, just get an Asus RT-AX58U (goes for ~$160), or if you manage to find a deal under $300, get the more advanced Asus RT-AX88U (it usually goes around $350). Disclaimer: I have not used them, so I can’t vouch for them, but many people seem to like them. Those Asus routers support OpenVPN in their default firmware, not sure about Wireguard in default one, but you can just install Asuswrt-Merlin on them (both are supported) and get started from there (and also get WiFi while you’re at it, I hear AI-Mesh is quite good if you don’t want to lay cables around your house).
Another thing you could do is get a 2nd hand Intel NUC and a USB 3.0 Gigabit or even 2.5 Gbps Ethernet adapter (if you got a good switch). I’m using one like this on a small office with at most 20 people. I got OPNsense running on a NUC with its NIC connected to a 100 Mbps internet connection and the USB Ethernet port to an 8 port switch where we got a printer, another NUC running Proxmox (for a small samba where we keep installation kits and the unifi controller) and a unifi AC-Pro 5. This setup has been working for 3 months now at the new office. I did configure wireguard for a s2s vpn with our data center, but I ended up not testing it too much (because people come to work and need to work, not have the IT kill the internet in order to debug some firewall rules to make the internal DNS work).
Here’s how they looked back when I first set them up (I don’t have a picture of them running live):
I believe the NUC option would be way more expensive because of its form-factor, but we had 3 NUCs lying around doing nothing. One of them still does nothing now, I’m thinking of preparing it for when things start reopening and people go to potential clients and present our software - have everything run on the NUC for local demos instead of flaky internet connections that doesn’t serve the software any justice.
An option could be a PC Engines APU2 which can be purchased on a 1500 to 2000 DKK budget from Sweden and sent to Denmark (I assume that’s your location from the currency.)
