Router for use with Lit/City Fibre - WiFi not a consideration...

TrojanWhore · 22 Mar 2025 at 23:09

So I've been happily using my (very old) Draytek 2680 since signing up, but tonight the router started restarting multiple times per hour (confirmed by system uptime).... I think it's time may have come

I plugged the ISP provided router in and it seems stable now, plus it's getting faster speeds than the poor old draytek (which was obviously not built with modern speeds in mind) :cry:

was getting 400mbps +/- 5% on that, ISP router is >500 consistently.

I have a couple of issues with it though:
- Not enough ports - It has 1 for WAN and 2 extras, which is enough for my PC and WiFi access point, but need more for other things (powerline,NAS, whatever else I might want to plug in)
- Features - I like the Draytek interface and had things like port forwards set up, also want to maintain other features such as VLAN as well as MAC spoofing in case I ever need them. The ISP interface is clunky and unfamiliar...

WiFi is not a consideration, as I have a TP link EAP that does everything I need from it. I looked at more modern Drayteks, but would rather not spend that sort of money and looking for any other suggestions, preferably <£100...
Is there something else with enterprise features I should be looking at (Mikrotik, Ubiquiti etc)? - I have an 8port Netgear (I think) switch somewhere but can't find it right now, might fall back to this but would prefer less devices/power supplies running!

ChrisD. · 23 Mar 2025 at 10:30

You're better off just getting a Gigabit switch (or using your existing Netgear if it's Gigabit), and getting a firewall/router with fewer ports. Build your own little appliance and run OPNsense or similar on it, there's also GL.iNet/Flint. As you already have a Wi-Fi solution I'd probably shy away from UniFi as their kit is really designed to have all devices in the same ecosystem. However if you are running multiple VLANs your existing switch won't work as you expect unless it's a managed device.

If you maintain a single flat VLAN, realistically how often are you configuring port forward etc? It's generally a one time thing, or something you would seldom configure so maybe save some cash, and use what you have.

Caged · 23 Mar 2025 at 13:05

The DrayTek issue is a security one that they should have patched.

Your budget doesn't really stretch to anything worth having with the requirements you've got, your best bet is probably to use the ISP router for now and then try and pick up a Zyxel EX5601 and flash Openwrt onto it.

TrojanWhore · 23 Mar 2025 at 13:38

Thanks both, I had been thinking something along the lines of a mikrotik hex, but you're probably right that I should give the ISP router more of a chance.
Might also take a look at TP-link, as I could, I assume, manage it with the omada app that I use for the AP.

... Now I just need to find that switch!

Orcvader · 24 Mar 2025 at 13:46

TrojanWhore said:
So I've been happily using my (very old) Draytek 2680 since signing up, but tonight the router started restarting multiple times per hour (confirmed by system uptime).... I think it's time may have come

Might be related to this: https://www.ispreview.co.uk/index.p...problems-with-vulnerable-draytek-routers.html

Had it happening at work too, we use Drayteks at multiple sites. Realised it was due to remote access being left on for the ones with the constant reboot problem. Unplugged the WAN connection, turned remote access off and it was fine again after that. Also updated the firmware to be on the safe side but ironically the Draytek site is down so I had to use their FTP site instead: https://fw.draytek.com.tw

Although I've been trying to push management to replace these now. The ones we have are ancient (2830/2860/2832) and after upgrading some locations to fibre they're definitely holding things back.

TrojanWhore · 24 Mar 2025 at 15:45

Nice one, I think that's worth me giving a try.... It definitely seems to be choking speeds a little but I prefer it to the ISP provided model so worth taking the hit until I can get something better.
I think mine is a 2860 and the firmware was last updated when I bought it from these forums (2019).... although having just checked the FTP site you linked, the last update for that model was 2015, long before any of the vulnerabilities listed on that article!

Will report back once I've checked it out

Orcvader · 24 Mar 2025 at 18:50

TrojanWhore said:
Nice one, I think that's worth me giving a try.... It definitely seems to be choking speeds a little but I prefer it to the ISP provided model so worth taking the hit until I can get something better.
I think mine is a 2860 and the firmware was last updated when I bought it from these forums (2019).... although having just checked the FTP site you linked, the last update for that model was 2015, long before any of the vulnerabilities listed on that article!

Will report back once I've checked it out

You mentioned 2680 in your OP which I can't see in the list, but for the 2860 the latest is from 2024. I had to download the 03v version which matches the modem code for the UK version: https://fw.draytek.com.tw/Vigor2860/Firmware/v3.9.8.4/

TrojanWhore · 24 Mar 2025 at 19:43

Ah you're right, my bad - I was looking at the list of model numbers where it said last updated was 2015-08-26, but hadn't clicked in to the sub-folders, can see it in there now

I'm pretty sure mine is a UK one, but is there any way to confirm which variant I need to download? Thanks for your help!

Orcvader · 25 Mar 2025 at 12:16

On the Draytek firmware update page, when you select the firmware to upload, there should be a preview button. Click that and it'll show the modem code of your current firmware as well as the new firmware. If they don't match it'll highlight it as red, and green if it does.

With the 2860n specifically, I updated from 3.8.9.8 to the latest 3.9.8.4, and it did take around half an hour or so for it to apply, so just a small warning if you think it's taking too long.