Investigate router platforms

[dngray]

Description

URL of affected page: https://discuss.privacyguides.org/t/securing-home-network/319

Many people are looking for replacements to their "home router" as a border device is unsupported by the vendor. Typically consumer grade hardware is only supported for a very short time rather like like cheap mobile phones.

The issue is these devices provide important security controls for local area networks of households. Such use cases have limited budgets that makes enterprise grade hardware unobtainable.

We would have a criteria, and the main thing being that the platform is open enough that it can support new kernels. The Turris Omnia based on OpenWRT seems like a fine candidate. Other candidates include GL.iNet and Firewalla, Protectli and more advanced options like the OPNsense offerings.

[ph00lt0]

The German Fritz!box can also be included.
Another option is Netgear routers with pfsense, or ubiquity hardware.

[dngray]

The German Fritz!box can also be included.
Another option is Netgear routers with pfsense, or ubiquity hardware.

We would not be including any of these as they're not strictly supported with third party firmware and in a lot of models it is impossible. They often require flashing over serial, which also voids warranty in most cases, also availability is an issue, a current model now may not be available later.

For information about general OpenWrt targets visit https://openwrt.org/toh/start

[jonaharagon]

MikroTik is probably also worth looking into, I've seen people switch to them after Ubiquiti started withering away. Might not be as consumer-friendly though.

[dngray]

MikroTik is probably also worth looking into,

Not at this time.

I've seen people switch to them after Ubiquiti started withering away.

I'd be surprised about that.

[ph00lt0]

Think it would be important to recommend something that supports mesh networking as well. Most people will be looking for home recommendations but would be cool if we had something suitable for enterprise too

[privacyguides-bot]

This issue has been mentioned on Privacy Guides. There might be relevant details there:

https://discuss.privacyguides.net/t/privacy-and-security-oriented-router/10009/2

[privacyguides-bot]

This issue has been mentioned on Privacy Guides. There might be relevant details there:

https://discuss.privacyguides.net/t/any-recommendations-on-portable-routers/11485/2

[privacyguides-bot]

This issue has been mentioned on Privacy Guides. There might be relevant details there:

https://discuss.privacyguides.net/t/please-add-hardware-recomendation-section-all-categories/11616/3

[maltfield]

It might also be worthwhile spending 1-4 paragraphs discussing (and linking-to some guides) on how to setup a "whole house VPN" with your router. Such a setup can pass all traffic for an entire network through a VPN -- especially useful for devices that can't run a VPN client locally or if the native VPN clients for the device easily/accidentally/often have VPN leaks.

I wrote a guide on how to do this with Ubiquiti hardware, but I've seen similar guides for tomato and DD-WRT

• https://tech.michaelaltfield.net/2017/08/20/howto-guide-whole-house-vpn-with-ubiquiti-cryptostorm-netflix-safe/

[dngray]

@maltfield I actually plan to do one of those with #1863, I only have the OPNsense appliance at this point. I think Jonah has the Firewalla.

We'd like a contributed guide there for the Turris Omnia, don't have one of those, or I guess we could buy one.