Home Network Setup for Better Security & Wifi: Pfsense, Ubiquiti and Qotom

Qotom i5 pfsense box
We’ve seen a lot of people asking questions about upgrading their consumer router due to WiFi related issues or just general throughput problems. Some of you are lucky enough now to be receiving very quick internet speeds but you need to make sure your hardware is able to take advantage of it. This becomes even more essential if you run your own VPN server either to protect yourself when in public or just for general remote access and administration.
 
We have been using for the past 9 months or so a small footprint pc from Qotom.
Qotom i% mini pc
Qotom i5 mini pc
It’s an i5, with 8gb RAM, 32GB hard drive, no wifi. What attracted us to this is the 6 gigabit ports. We’re currently using pfsense (bare metal) with it, but should we choose to repurpose the box or even run pfsense virtualised we’d have plenty of additional ports to run a small server. We currently have four of the ports being used. WAN, LAN, IPTV, DMZ so we have room to spare. We will be utilising another port for our CCTV (direct to a POE switch). Do not put your cameras on the same network as your data. Whether that’s wireless or hard wired.
 
For Wifi we suggest the unifi AC PRO. These access points have very good coverage and are easy to set up and administer. The whole experience has been rock solid with no drop outs or interference.
 
Unifi AC Pro
Unifi AC Pro
For the router software, we’ve been using Pfsense. This is very easy to install, and whilst the learning curve can be a tad tricky, once you’ve got it up and running its pretty flawless. There are several videos on YouTube describing how to set up the firewall and good networking practice. (look at Spaceinvader one, Lawrence systems on Youtube). What we especially like are the add ons that come with pfsense like pfblocker. At the press of a button we are able to block whole countries from interacting with your network as well as blocking adverts from published lists of malware sites, advertising domains and other things you’d sooner not see or have people on your network see. There are other softwares available if you’d sooner try a different OS (OPNsense, Untangle etc). OpenVPN is another add-on which we love. It takes seconds to set up additional access for a new device whilst keeping everything secure.
pfSense
The point is that a home made solution such as what we’ve described above gives you piece of mind, better processing power, and should last you over several generations of hardware upgrades. Should a new WiFi point come out with all the latest and greatest standards, then just swap out the unifi point or even add it in addition (being mindful to not overlap the channels for interference). Should you find the box begins to struggle in the future due to increased speeds and throughput being required then repurpose the box into a small NAS or server appliance.
 
Anyway this was just a quick post to help inspire those looking for more from their network.
(Not affiliated in any way with the above companies, just like their products).

Leave a Reply