Sunday, May 23, 2021

Looking for recommendations to replace Unifi/Ubiquiti

I am looking at options for replacing or upgrading my Unifi/Ubiquiti networks. Like others that have posted similar questions, I'm increasingly unhappy with the quality of the firmware and the removal of functionality from their controller. I've been unable to upgrade my controller due to bugs in the latest versions with the advanced networking configs I use. I also do not want cloud integration (I'm not currently using it with Unifi either).

I manage two sites with USG devices connected via site-to-site VPN. I have multiple VLANs with different security policies/firewall rulesets -- including one VLAN that routes all Internet traffic through the VPN and out the remote site's Internet connection. I'm using a mix of Unifi switches and TP-Link POE unmanaged switches to extend the wired network.

Edit to add: I only have about 12 users total split between the two sites.

I only have a total of 3 APs (two at one site, one at the other), but they are serving 7 wireless networks/SSIDs with various security policies (internal/EAP-TLS, guest PSK, IoT, etc.) that I would like to continue to use (four at the primary site plus three at the secondary site).

I have the L2TP client VPN configured on one USG, and I'm unhappy with the logging and connection/user management (minimally, being able to see who is connected at any given time, and being able to disconnect users as needed from the management GUI instead of needing to ssh into the gateway. Logging requirements are simply: user, source IP, assigned internal IP, login time, logout time, preferably in the same log file (I cannot believe logs like this aren't a thing on Unifi! /rant)), so I would like a solution that has better VPN user management options (bonus points for WireGuard support).

I send all of my network/wifi/firewall logs to an Elastic Stack SIEM, so extra bonus points for a solution that has an out-of-the-box ingest parser that I don't have to write and maintain myself.

I've started looking at the Cisco SOHO routers/switches/APs and I'm quickly getting overwhelmed with options. I'm also interested in Aruba, but I'm not familiar at all with their routers and switches.

I'm not interested in paying a subscription fee.

Unifi checked the boxes for most of my requirements and had been working great until their recent controller upgrades which started removing functionality I need.

Does anyone have any advice for alternatives that I haven't considered, or advice about navigating the Cisco/Aruba offerings?


