Return to Level1Techs.com

What do you think of this Small Business setup?


#1

I volunteered to look at/re-do the network setup of a non-profit health-center that my partner works at, as they have been having connectivity issues (after seeing their network setup I can see why) with internet-based card payments and general email/workflow.

Old setup:

  • Modem: Netgear CG3000DCR (via Comcast business)
  • Wireless Router: TRENDnet TEW-692GR (up to 450 Mbps)
  • AC 1: Engenius EAP9550 (up to 300 Mbps)
  • AC 2: Cisco-Linksys WAP54G (up to 54 Mbps)

I am not an expert in networking yet as I am just starting in the industry. After doing some research considering their budget this is what I think would be an excellent upgrade that allows for some future proofing in regards to adding IP-based PoE Ubiquiti security cameras down the line, VLAN separation between the practitioners/guests, and ability to troubleshoot from home.

New setup:

  • Modem/Gateway: Cisco DPC3939B (via Comcast business)
  • Ubiquiti Edgerouter X SFP
  • Ubiquiti US-8-60W Unifi Switch
  • Ubiquiti Unifi 802.11ac Dual-Radio PRO Access Point (x3)
  • Ubiquiti Unifi Cloud Key

Any thoughts/suggestions would be highly appreciated.
TIA


#2

You’re in way over your head. Just bow out of offering any help. You haven’t identified the problem, all you are suggesting is a grocery list.

Just. Stop.


#3

I am doing what I can for a non-profit that doesn’t have the funding for an IT professional. If I had the funds myself I would donate some money so they could get their IT needs met, but I do not. If you have any constructive advice or would like to donate money to help them, I’m all ears.

No need to be a dick.


#4

As far as I know Ubiquiti is pretty expansive. Also it is proprietary stuff, isn’t it? Not quite a closed system but not really open source either? That might cost more money down the line when something breaks and also could potentially create some problems if apps disappear and so on.

I am also not a networking guy but that seems like a bad idea to me.
At least for a non-profit with none of the moneys. ¯\_(ツ)_/¯

@DeusQain ?


#5

So instead of calling me a dick, for pointing out the obviouos, how about explaing why any of your grocery list is going to improve or fix the problem.

If you can’t do that, you aren’t helping at all, and the best thing you can do is recuse yourself from the situation. It’s admirable to want to help, but from what I can see, you aren’t helping.


#6

What sort of network connectivity issues? Signal dropping? Packets being lost? Bad latency? Authentication issues? Devices hoping between APs too aggressively?

Edit: This is by no means an exhaustive list of what issues there could be, just a few quick ideas.


#7

Quit the bickering please. If you don’t have any helpful suggestions or are incapable of offering your perceived helpful advice in a affable manner then just move to another thread.


#8

Ubiquiti is definitely not open source and they’re generally not used for home networks unless you’re into that kind of stuff. Typically they’re for enterprise systems / business.

I have pfSense setup at home and thought of setting that up for them with a switch and some APs but I am slightly concerned that it won’t be as easily configurable with their want to incorporate physical security into their network later down the line.

Perhaps there isn’t a low-cost yet business-reliable solution?


#9

Issues: latency, packet loss, weak signals in some areas

  • Bad latency when there are more than 15 people in the building, I would guess because their dated APs can’t handle all the traffic.
  • I would also guess that their issues with packet loss is also due to congestion
  • I figured the stronger Ubiquiti AP signals and a more strategic placement of said APs would solve that

I found out that they were on a 25 Mbps package with Comcast and got on the phone with Comcast with the director and got a great deal for 250 Mbps which has helped a lot in terms of latency but packet loss still occurs during peak time (though definitely not as frequently).

I am also concerned that their dated tech is vulnerable to attack and/or they would be screwed if their 5 year old router or 10 year old AP finally kicks the can.


#10

You don’t want to use pfSense for WiFi. I mean you can… but its not really made for it well. You can easily plug Ubiquiti equipment into a pfSense firewall/router.

There’s lots of things to think about.

What is their budget?

You should identify where there connectivity issues are from. That will determine where they need to invest in upgraded infrastructure. If its ISP related, nothing fill fix that except the ISP.


you have to keep in mind that while solutions like pfSense may be cheap(ish), you’ll have to maintain it through its lifetime, is this an option for you? More standard equipment will be easier for others to also maintain (other professionals, not the medical staff). Whos manages there IT equipment currently? Or is this a makeshift network of 10 people where the ‘IT guy’ is the guy who first bought a laptop?

If it is primarily a wifi issue causing the connectivity issues then Ubiquiti isn’t a bad solution, they are easy to manage, and work quite nicely. Yes not fully open source, but your not getting this unfortunately. there are some alternatives though (forget their names)

While you can go all Ubiquiti, there may be better and cheaper options on the switching and routing/firewall side. There wifi stuff will run fine on any infrastructure.

Need to consider how many users are there, usage, ISP bandwidth available to take care of them all. How many wifi devices, how large an area do you need to cover, etc.


#11

I have no doubt newer hardware would perform better, but for a non-profit without much money it may not be feasible.

Looking at the connectivity issues there’s still some possible root causes.

  • Could be the old router getting overwhelmed.
  • Could be that all 3 APs are broadcasting on the same channel, interrupting each other.

I’d agree with @Eden if you’re switching all the equipment you don’t need to get a Ubiquiti system for switching and/or router/firewall, but Ubiquiti APs are probably the way to go for wireless. Though depending on square footage and walls you may only need one or two Unifi APs.


#12

If you’re new, I would go for a pfSense router. For something as simple as a healthcare clinic you can probably find an old Pentium Dual Core machine from 2005 or something. Maybe even get one donated. pfSense is about as good as it gets for user-friendly firewall/router.

I would stay away from the Unifi switch unless you guys have a good bit of money and speed is absolutely paramount. That is a serious piece of hardware and while it’s good that you’re willing to dive into unfamiliar territory (that’s how a lot of us got into networking) you don’t want to bite off way more than you can chew.

If you guys are really on a budget, start with a cheap 8 port unmanaged gigabit switch, a pfSense router, and some Ubiquiti APs. That will be an easily upgradable thing but will also work pretty damn reliably as-is for simple email/cloud stuff.

How much funds do you have to work with right now? If you’ve got more money, we can step up a little.


#13

Agreed. I suggest getting a PC connected with wired and whenever a wireless client is having issues, do a speedtest from the wired PC. That 802.11g access point has probably seen better days, and that may be where a large portion of your connection issues are coming from.


#14

Those blue linksys 54g things are pretty much unkillable in my experience.


#15

If you are not aware of hipaa regulations and PCI compliance… You may not want to be the person responsible for setting up their network… IMO


#16

Yeah, that’s worth considering. I helped out in a similar situation for a small paycheck when I was younger, and nothing ever happened, but I would’ve been seriously screwed if it did. Might want to discuss that with the owners.


#17

The blue ones may be impossible to kill, but the speed/latency on the few I’ve had has been awful compared to modern APs. If “connectivity issues” include constant buffering of YouTube videos it may have little to do with the ISP and much to do with the 10+ year old APs. But that’s just my guess.


#18

As others have said it’s a grocery list,

  • don’t need the SFP version of edgerouter-x (regular er-x is fine)
  • don’t need the cloud key
  • don’t need the pro version of the AP (-ap ac lite is fine)
  • don’t need the poe switch

So er-x, and probably, 2 unifi AP lites are all you need.

Now, here’s what I’m thinking, instead of running a controller for 2-3 ubiquiti ac litesWi-Fis, get Mikrotik wAP ac, same money, can work adhoc, super flexible when it comes to poe.

Instead of er-x get a Mikrotik hEX, yes you can find PCI hardening checklists for both and hardware is similar, but vlan management is much cleaner on routeros than on edgerouter-x , and it costs about the same.

Now one day, when you go buying cameras, spend 100-150 bucks on a 24 port managed gigabit switch.
Buy dumb switches before hand, easier to manage.

Edit: and the “smartqueue” thing on er-x, you can get the same (not to be nit-picky) thing with a simple queue and sfq on the hEX.


#19

Unifi WAPs are dirt cheap for their performance and lack of need for a subscription. Highly recommend for small/medium businesses, including nonprofits. Don’t buy the ‘lite’ versions, you get significantly better coverage and an extra MIMO radio for only $20.