Asus Routers

[SpellowHouse]

I was doing some reading and noticed with some interest that Asus have introduced a policy in their latest firmware that means they can force security updates on their routers even if owners disable the feature.
This adds to a long line of router functions that allow access to your personal data. In theory, even access to your emails.

This made me wonder, which manufacturers do people here think are the most trustworthy names for routers? I mean, Asus are a popular make. I assume we can't really trust TP-Link either?

 

[Rainmaker]

My memory gets older by the day, but aren't you the chap that usually defends Asus in the threads pointing out their woefulness?

which manufacturers do people here think are the most trustworthy names for routers

They all have pluses and minuses, but personally speaking: OPNsense, Mikrotik, Juniper (mostly), Sagemcom, Alta Labs (new, watch), Ubiquiti (concerns about firmware maturity and completion), Firewalla and GL.iNet. Edit: OpenWRT were missing here, and shouldn't be. They now manufacture too, I had previously implied but not named them with GL.iNet.

 

[SpellowHouse]

My memory gets older by the day, but aren't you the chap that usually defends Asus in the threads pointing out their woefulness?

They all have pluses and minuses, but personally speaking: OPNsense, Mikrotik, Juniper (mostly), Sagemcom, Alta Labs (new, watch), Ubiquiti (concerns about firmware maturity and completion), Firewalla and GL.iNet.

I think Asus routers are generally good consumer products, I don't think they are as bad as people say they are, but I have never liked the way that they farm out some functions to other companies in exchange for access to personal data. Of course you can always not use those functions, which is an opt-out for the tin hat users.

Anyway, apparently there are two knew agreements that the user is confronted with when a router first powers up. The first is a new software agreement that basically states that Asus can disable your router at any time. The second is a privacy agreement which allows Asus to collect data and give it to other companies. You can not say no to the software agreement and you have to be over 16 to use the router! It goes on to state that even if you say no to the privacy agreement, and disable firmware and security updates, they can force security updates on you, meaning they can pretty much do whatever they want, including disabling your router. This, in my opinion, is a step too far.

 

[GregI]

This made me wonder, which manufacturers do people here think are the most trustworthy names for routers?

None.

To me the only thing a router manufacturer/brand does is plan and develop the hardware to a good level. Check via internal review photos or from FCC (PCB, heatsink design etc). After that it's just a case of "how easy is this to install OpenWRT (preferably with uboot) or OPNsense. Maybe you can also get away with Ubiquiti products.

Asus as an example the TUF-AX6000 is actually fine. I can get a trx image that loads via the default Asus web interface that installs OpenWRT with uboot. Hardware design it's ok but it's also over £170 so meh. You get the point though.

 

[ChrisD.]

This, in my opinion, is a step too far.

You seem surprised, folk on here have been saying to avoid Asus for quite some time. The 'step too far' is when they knew about a security exploit in their firmware, they knew it was being actively exploited, they denied knowing about it, and stuck their fingers in their ears 'la la la la'. Until the US Govt forced their hand.

 

[alex24]

OPNSense and probably custom hardware would be the setup easiest to trust as you have complete control over the components and their firmware, as well as open source software running, the code for which you can review yourself if you’re so inclined.

You sacrifice some convenience, practicality, power consumption and ease of use in that setup (arguably) versus a dedicated device.

I’d be very happy running that, MikroTik or UniFi in practice.

 

[dmsims]

You could always install Merlin.......

 

[Avalon]

None.

To me the only thing a router manufacturer/brand does is plan and develop the hardware to a good level. Check via internal review photos or from FCC (PCB, heatsink design etc). After that it's just a case of "how easy is this to install OpenWRT (preferably with uboot) or OPNsense. Maybe you can also get away with Ubiquiti products.

Asus as an example the TUF-AX6000 is actually fine. I can get a trx image that loads via the default Asus web interface that installs OpenWRT with uboot. Hardware design it's ok but it's also over £170 so meh. You get the point though.

Tagging me and then editing it? C'mon, do better.

Asus are a garbage hardware OEM, they have been since the beginning of the network side, and for that matter since the P4 days on motherboards and the beginning of the graphics side. Network wise from outright lies from the official Asus rep of the week over the modem chipsets that everyone else got to work and they just lied about to our faces for years, through to the bad solder joints and failing interfaces as the solder breaks, the fake FCC test data and of course the often referred to cluster duck of stupidity that was not patching firmware holes or even making any attempt to secure consumer data for years, then the filtering/security issues and they just keep going. You have to be a special kind of stupid to buy a networking product from a company with a documented history like that, or not know better.

Just to clarify what @ChrisD. said, the only reason Asus initially - and after ignoring the issue for *years* - patched the firmware holes was one of it's largest distributors in the US put them on notice that if they didn't do so, all products would be removed from sale, the FCC only got involved later on. Asus literally didn't care about it's customers/customers data or privacy until it's sales were threatened, they are utter scum. I would say worse than the PF team, and the documented history they have of vile hate campaigns, U turns, lies and trying to blame Jason for the wireguard fiasco where they announced the wanted to go closed source and we should trust them while literally at the same time trying to mainline code they had paid a convicted racist felon who had to be arrested via Interpol warrant and extradited back to the US to face charges that was littered with issues... No thanks.

 

[GregI]

To be fair I misread what Rainmaker said. I thought he was referring to Spellow as the guy who keeps bringing up how bad Asus was so I typed "No that was @Avalon" knowing you would come in guns blazing. I only realised after I had clicked post reply so I just edited it out.

 

[Avalon]

To be fair I misread what Rainmaker said. I thought he was referring to Spellow as the guy who keeps bringing up how bad Asus was so I typed "No that was @Avalon" knowing you would come in guns blazing. I only realised after I had clicked post reply so I just edited it out.

Rainmaker knows my views on Asus pretty well, I think we're pretty much in agreement that they're the floater of the networking world that just won't flush! There's a reason he doesn't list PF in his post, and it's predominantly the same reasons I mention. I like my firewalls to be boringly reliable and drama free, and yes, I grew up using smoothwall

TBH I used to run Untangle, OPN and OpenWRT, then one Sunday in March last year while lay in bed minding my own business, I had a friendly difference of opinion with ChrisD. over Ubiquiti's unfortunate history with CCTV and the inability to differentiate between humans and cats in the early days of Protect. Chris normally speaks sense, but Protect was crap in the beginning, the camera build quality has always been sub par and they literally threw previous early adopters under the bus with a CCTV offering that sucked and was EoL'd. So, in a typical bored me way, I had a few days free between projects, and boxes of Unifi kit started to arrive shortly after, just so I could renew my 'hate on Unifi credentials' and by sheer luck, this happened to be around the time major firewall upgrades were happening, even the 'stupidly expensive doorbell' is actually worth it. The Unifi camera's are still pretty crap in the dark compared to ColorVu, but at least I can officially feed my Hikvision's to Protect now, and surely in the next generation they will either move to ultra low lux full colour or make the AI modules cover multiple cameras.

I still have my 7th gen i3 dual NIC NUC sat on the corner of the desk with Proxmox and my old router distro's sat on an SSD waiting to be dropped back into service (Proxmox made VLAN tagging easy for CityFibre and allowed me to just present clean DHCP to each distro), but at this point, i'm not really in any hurry to go back. Unifi isn't perfect, but it's continually heading in the right direction, and that's probably more important than anything else for me at this stage.

 

[Minato]

As a more typical user that doesn't know what most of the words in the above post mean...

I've got 2 XT12s and 2 AX94us in a mesh network at home with 3 being wired backhaul and one wireless. Works great, good WiFi speeds around the house and each of them has their own LAN ports for nearby fixed devices like TVs or Desktops to connect to and get full gigabit.

Went with this setup because I got them at a great discount from Cex. And it's much better than godawful BT home hub plus WiFi discs.

 

[Rainmaker]

Rainmaker knows my views on Asus pretty well, I think we're pretty much ion agreement that they're the floater of the networking world that just won't flush! There's a reason he doesn't list PF in his post, and it's predominantly the same reasons I mention. I like my firewalls to be boringly reliable and drama free, and yes, I grew up using smoothwall

All day, every day - and twice on Sundays. I am waiting to see how the Route10 matures, and for the release of Alta Labs' WiFi 7 pro AP before I spend more money on playing with new networking gear. OPNsense works fine for me just now.

 

[SpellowHouse]

You seem surprised, folk on here have been saying to avoid Asus for quite some time. The 'step too far' is when they knew about a security exploit in their firmware, they knew it was being actively exploited, they denied knowing about it, and stuck their fingers in their ears 'la la la la'. Until the US Govt forced their hand.

Yes but I tend to find that there are two different types of user on this forum. Those who understand networking blub and those who don't. The ones that don't need a consumer product that is free from tech-speak, and that immediately rules out many business class products.

 

[Rainmaker]

Yes but I tend to find that there are two different types of user on this forum. Those who understand networking blub and those who don't. The ones that don't need a consumer product that is free from tech-speak, and that immediately rules out many business class products.

There are many plug and play consumer friendly routers that aren't made of equal parts Swiss cheese and gaslighting.

 

[ChrisD.]

The ones that don't need a consumer product that is free from tech-speak, and that immediately rules out many business class products.

And in most cases, the ISP supplied router would be perfectly fine for those users.

 

[SpellowHouse]

And in most cases, the ISP supplied router would be perfectly fine for those users.

Yes, I think many of the people who buy their own are searching for a particular feature or performance level they aren't getting from their ISP router. And one of the reasons I like Asus is because they have a very comprehensive array of features, and they are the same from one router to the next so you know what you are getting. They also have Merlin so there is actually some support and that's a very strong point in their favour, for me. It's true that I am not an expert at this and I do not know many makes, but the number of times I have sent a router back because a particular function is missing.... I did wander in to commercial routers at one point, but honestly didn't understand the language and found the configuration really hard going. And my supplier, Zen, will not support "other routers" any more. And before anyone says it, I don't want to learn it either. I have better ways to spend my time.
Anyway, I was afraid this post would descend in to "defending Asus" which is exactly what I didn't want it to do. Nothing anyone can say is about to convince me that they are a complete waste of time. Maybe they are like Cat7 cables, but people still buy a lot of them.

 

[ChrisD.]

I’m not sure how anyone can defend, or want to spend money with a company which knew its customers were being exploited by a security issue, and not only did they deny it, they refused to help until they were forced to by the US government. It’s not like they’ve got any better, look at their latest RMA scandal.

 

[Demoulous]

I’m not sure how anyone can defend, or want to spend money with a company which knew its customers were being exploited by a security issue, and not only did they deny it, they refused to help until they were forced to by the US government. It’s not like they’ve got any better, look at their latest RMA scandal.

^ This. It's the reason I moved from a GT-AX6000 over to a UDM-PRO-MAX and have been happy ever since. Plus, I now get to play with all the added features as its way more capable.

 

[SpellowHouse]

I’m not sure how anyone can defend, or want to spend money with a company which knew its customers were being exploited by a security issue, and not only did they deny it, they refused to help until they were forced to by the US government. It’s not like they’ve got any better, look at their latest RMA scandal.

I don't think that are that many alternatives. These days it largely seems to be Asus and TP-Link. Devil and the deep blue sea to me. Yes there are plenty of other makes, but I think many of the business class products are shrouded in a veil of mystery for the average home buyer. And, also, the reviewers on Youtube seem to focus on, you guessed it, Asus and TP-Link. Yes, Asus do have problems, but I've never had a problem with them. I would happily buy something else, if there was something else. But mostly, when I ask for alternatives, I just get told how bad Asus are!

 

[ChrisD.]

And, also, the reviewers on Youtube seem to focus on, you guessed it, Asus and TP-Link.

That's because they are paid reviews, or reviews by people who have zero clue about what they're talking about. Plenty of alternatives have been mentioned in this thread - UniFi, OPNsense etc, you ignore them.