SMB networking setup


foureight84

I'm looking into upgrading my office wifi system to accommodate 40+ people at any given time. My office is 5400 sqft on one floor. We currently have about 20 people and our Netgear Orbi will no longer suffice. The other day we had an all-hands meeting with everyone gathering in one room and the closest node having issues dealing with all the devices trying to connect.

I have a custom-built pfSense firewall sitting between the modem and the router and I'm probably going to get rid of it as well. It's fine for what it is but it was a pain to set up and I don't want to keep maintaining it. A basic security level firewall should do.

I have been looking at Open Mesh and Ubiquiti. I'm leaning toward the Ubiquiti Security Gateway Pro as the router to use since it does have better specs (processor and RAM) compared to the Open Mesh G200. Ubiquiti claims that this router can handle up to 2000 devices but I don't really trust that to be accurate in a real world use case. Moreover, there is also a lack of additional information on the performance of the G200, causing me to lean toward UniFi.

Mesh isn't a must in this setup. But PoE is a must, and both do offer it.

I think the setup will be:
1 - UniFi Security Gateway Pro
1 - UniFi Switch L2 PoE
3 - UniFi HD

What do you guys recommend? I want to stay away from Cisco Meraki since that solution is a bit more expensive and Ubiquiti's user interface seems a lot easier to manage.
 

j_h_o

  1. What kind of internet connection do you have? What's the downstream/upstream?
  2. While the ~40 people are connected, what are the use cases you're looking to support? Do you have high-bandwidth applications running at the same time from your wireless clients?
  3. If you can run hardwire to the AP, do that. Don't mesh.
  4. What's the physical space like? Where are the walls? Is there a lot of RF noise from neighbours?
  5. You'll also need a Ubiquiti controller. You can run it as a VM, or on a CloudKey.
 
Jan 4, 2014
89
13
8
I would add a secondary AP.
Instead of the HD, buy the nanoHD; that will easily handle your load, is cheaper and will allow you to spread load.

Also, I wouldn't mess around with the CloudKeys.
Run a local Linux VM, install that with one of the easy installation scripts, that will also set up the Let's Encrypt certificates for you.

If a local VM isn't possible, look at an Amazon VM for 5 USD/month.
 

foureight84

  1. What kind of internet connection do you have? What's the downstream/upstream?
It is 300mbit up and down.
  2. While the ~40 people are connected, what are the use cases you're looking to support? Do you have high-bandwidth applications running at the same time from your wireless clients?
When 40+ people gather in one area, only two or three will have laptops and they switch back and forth casting to Apple TV or Chromecast. But right now our current node closest to the gathering area can't handle everyone's phone along with laptops trying to connect.
  3. If you can run hardwire to the AP, do that. Don't mesh.
Yes! Absolutely agree. The node I have right now in that area is on a hardwire. Originally it was one of the Orbi satellites on hardwire instead of mesh. But that satellite would just crash and not allow anyone to connect at all. Temporary solution was putting in a Linksys EA6900 with TomatoUSB flashed acting as an AP. Still causes issues but not as bad and it recovers relatively quickly.
  4. What's the physical space like? Where are the walls? Is there a lot of RF noise from neighbours?
The current office space is weirdly configured since we rented 4 rooms on the same floor and they're not all connected. I did have hard wires going to each room and one AP attached. The new space will be wide open except for glass panels for conference rooms.
  5. You'll also need a Ubiquiti controller. You can run it as a VM, or on a CloudKey.
Interesting point, I will look into this. I saw mention of this but I wasn't clear if it's a standalone or built-in feature with a router / gateway device.
 

foureight84

I would add a secondary AP.
Instead of the HD, buy the nanoHD; that will easily handle your load, is cheaper and will allow you to spread load.

Also, I wouldn't mess around with the CloudKeys.
Run a local Linux VM, install that with one of the easy installation scripts, that will also set up the Let's Encrypt certificates for you.

If a local VM isn't possible, look at an Amazon VM for 5 USD/month.
Duly noted. It is a 5400 sqft space and I was thinking of buying 3 HD.

What's the downside of the cloudkeys (https://store.ubnt.com/collections/wireless/products/unifi-cloud-key)?
 

j_h_o

The new Gen2 addresses most of the shortcomings: underpowered, prone to SD corruption with power failure. It has a bunch more RAM and battery backup.

Given your desire to shut down pfSense because it's too much maintenance, I suspect you will feel that a VM running the controller is too much burden. So I think the Gen2 cloud key will be fine for you.

I run the controller on a Debian VM though :)
 

foureight84

The new Gen2 addresses most of the shortcomings: underpowered, prone to SD corruption with power failure. It has a bunch more RAM and battery backup.

Given your desire to shut down pfSense because it's too much maintenance, I suspect you will feel that a VM running the controller is too much burden. So I think the Gen2 cloud key will be fine for you.

I run the controller on a Debian VM though :)
Hmm I could probably run it off a single board computer like a pandaboard.

I was thinking of later adding a SonicWall into the setup. That was a lot easier to configure and manage.
 

foureight84

Curious, for a short term solution, is there a way to load balance two APs with the same SSID? Put them near each other and set max device connect for each so that one doesn't get saturated with connection attempts? I don't know if that's even possible considering that it's the same SSID and wireless devices will pick the one with the strongest signal.

Edit: another thought, maybe I can set up another AP in the same area but this one will have a device filter and I can add MAC addresses for the laptops I know will be used for presenting and casting so it will reject all other devices, maybe set up a different SSID entirely too.
 
Jan 4, 2014
89
13
8
Curious, for a short term solution, is there a way to load balance two APs with the same SSID? Put them near each other and set max device connect for each so that one doesn't get saturated with connection attempts? I don't know if that's even possible considering that it's the same SSID and wireless devices will pick the one with the strongest signal.

Edit: another thought, maybe I can set up another AP in the same area but this one will have a device filter and I can add MAC addresses for the laptops I know will be used for presenting and casting so it will reject all other devices, maybe set up a different SSID entirely too.
All your APs will run 1 SSID if you choose so; same goes for the 2.4 and 5 GHz radios.
UniFi has options to prefer 5 GHz, and with minimum RSSI and cell tuning you should be able to make roaming a breeze.