I volunteered to look at/re-do the network setup of a non-profit health-center that my partner works at, as they have been having connectivity issues (after seeing their network setup I can see why) with internet-based card payments and general email/workflow.
Old setup:
Modem: Netgear CG3000DCR (via Comcast business)
Wireless Router: TRENDnet TEW-692GR (up to 450 Mbps)
AC 1: Engenius EAP9550 (up to 300 Mbps)
AC 2: Cisco-Linksys WAP54G (up to 54 Mbps)
I am not an expert in networking yet as I am just starting in the industry. After doing some research considering their budget this is what I think would be an excellent upgrade that allows for some future proofing in regards to adding IP-based PoE Ubiquiti security cameras down the line, VLAN separation between the practitioners/guests, and ability to troubleshoot from home.
I am doing what I can for a non-profit that doesn't have the funding for an IT professional. If I had the funds myself I would donate some money so they could get their IT needs met, but I do not. If you have any constructive advice or would like to donate money to help them, I'm all ears.
As far as I know Ubiquiti is pretty expensive. Also it is proprietary stuff, isn't it? Not quite a closed system but not really open source either? That might cost more money down the line when something breaks and also could potentially create some problems if apps disappear and so on.
I am also not a networking guy but that seems like a bad idea to me.
At least for a non-profit with none of the moneys. ¯\_(ツ)_/¯
So instead of calling me a dick, for pointing out the obvious, how about explaining why any of your grocery list is going to improve or fix the problem.
If you can't do that, you aren't helping at all, and the best thing you can do is recuse yourself from the situation. It's admirable to want to help, but from what I can see, you aren't helping.
What sort of network connectivity issues? Signal dropping? Packets being lost? Bad latency? Authentication issues? Devices hopping between APs too aggressively?
Edit: This is by no means an exhaustive list of what issues there could be, just a few quick ideas.
Quit the bickering please. If you don't have any helpful suggestions or are incapable of offering your perceived helpful advice in an affable manner then just move to another thread.
Ubiquiti is definitely not open source and they're generally not used for home networks unless you're into that kind of stuff. Typically they're for enterprise systems / business.
I have pfSense set up at home and thought of setting that up for them with a switch and some APs but I am slightly concerned that it won't be as easily configurable with their want to incorporate physical security into their network later down the line.
Perhaps there isn't a low-cost yet business-reliable solution?
Issues: latency, packet loss, weak signals in some areas
Bad latency when there are more than 15 people in the building, I would guess because their dated APs can't handle all the traffic.
I would also guess that their issues with packet loss are also due to congestion
I figured the stronger Ubiquiti AP signals and a more strategic placement of said APs would solve that
I found out that they were on a 25 Mbps package with Comcast and got on the phone with Comcast with the director and got a great deal for 250 Mbps which has helped a lot in terms of latency but packet loss still occurs during peak time (though definitely not as frequently).
I am also concerned that their dated tech is vulnerable to attack and/or they would be screwed if their 5 year old router or 10 year old AP finally kicks the can.
You don't want to use pfSense for WiFi. I mean you can… but it's not really made for it well. You can easily plug Ubiquiti equipment into a pfSense firewall/router.
There's lots of things to think about.
What is their budget?
You should identify where their connectivity issues are from. That will determine where they need to invest in upgraded infrastructure. If it's ISP related, nothing will fix that except the ISP.
—
You have to keep in mind that while solutions like pfSense may be cheap(ish), you'll have to maintain it through its lifetime. Is this an option for you? More standard equipment will be easier for others to also maintain (other professionals, not the medical staff). Who manages their IT equipment currently? Or is this a makeshift network of 10 people where the "IT guy" is the guy who first bought a laptop?
If it is primarily a wifi issue causing the connectivity issues then Ubiquiti isn't a bad solution, they are easy to manage, and work quite nicely. Yes not fully open source, but you're not getting this unfortunately. There are some alternatives though (forget their names)
While you can go all Ubiquiti, there may be better and cheaper options on the switching and routing/firewall side. Their wifi stuff will run fine on any infrastructure.
Need to consider how many users are there, usage, ISP bandwidth available to take care of them all. How many wifi devices, how large an area do you need to cover, etc.
I have no doubt newer hardware would perform better, but for a non-profit without much money it may not be feasible.
Looking at the connectivity issues there's still some possible root causes.
Could be the old router getting overwhelmed.
Could be that all 3 APs are broadcasting on the same channel, interrupting each other.
I'd agree with @Eden if you're switching all the equipment you don't need to get a Ubiquiti system for switching and/or router/firewall, but Ubiquiti APs are probably the way to go for wireless. Though depending on square footage and walls you may only need one or two Unifi APs.
If you're new, I would go for a pfSense router. For something as simple as a healthcare clinic you can probably find an old Pentium Dual Core machine from 2005 or something. Maybe even get one donated. pfSense is about as good as it gets for user-friendly firewall/router.
I would stay away from the Unifi switch unless you guys have a good bit of money and speed is absolutely paramount. That is a serious piece of hardware and while it's good that you're willing to dive into unfamiliar territory (that's how a lot of us got into networking) you don't want to bite off way more than you can chew.
If you guys are really on a budget, start with a cheap 8 port unmanaged gigabit switch, a pfSense router, and some Ubiquiti APs. That will be an easily upgradable thing but will also work pretty damn reliably as-is for simple email/cloud stuff.
How much funds do you have to work with right now? If you've got more money, we can step up a little.
Agreed. I suggest getting a PC connected with wired and whenever a wireless client is having issues, do a speedtest from the wired PC. That 802.11g access point has probably seen better days, and that may be where a large portion of your connection issues are coming from.
Yeah, that's worth considering. I helped out in a similar situation for a small paycheck when I was younger, and nothing ever happened, but I would've been seriously screwed if it did. Might want to discuss that with the owners.
The blue ones may be impossible to kill, but the speed/latency on the few I've had has been awful compared to modern APs. If "connectivity issues" include constant buffering of YouTube videos it may have little to do with the ISP and much to do with the 10+ year old APs. But that's just my guess.
don't need the SFP version of edgerouter-x (regular er-x is fine)
don't need the cloud key
don't need the pro version of the AP (-ap ac lite is fine)
don't need the poe switch
So er-x, and probably, 2 unifi AP lites are all you need.
Now, here's what I'm thinking, instead of running a controller for 2-3 ubiquiti ac lites Wi-Fis, get Mikrotik wAP ac, same money, can work adhoc, super flexible when it comes to poe.
Instead of er-x get a Mikrotik hEX, yes you can find PCI hardening checklists for both and hardware is similar, but vlan management is much cleaner on routeros than on edgerouter-x, and it costs about the same.
Now one day, when you go buying cameras, spend 100-150 bucks on a 24 port managed gigabit switch.
Buy dumb switches beforehand, easier to manage.
Edit: and the "smartqueue" thing on er-x, you can get the same (not to be nit-picky) thing with a simple queue and sfq on the hEX.
Unifi WAPs are dirt cheap for their performance and lack of need for a subscription. Highly recommend for small/medium businesses, including nonprofits. Don't buy the "lite" versions, you get significantly better coverage and an extra MIMO radio for only $20.