Router to replace TL1043ND

Kei

Been using a TP-Link TL-WR1043ND V1 since I moved to BT Infinity a few years back. All told it's been great, but it is starting to get a bit unreliable, becoming completely inaccessible and stopping all network traffic (a power cycle fixes it for a week or so). I've updated the firmware to the latest version and taken it to bits and replaced all the capacitors in the hope that it would solve the intermittent issue, but nothing has worked so far.

I've been looking at all of the options out there and have to admit that they all seem a bit hit & miss going by the reviews. Mad as it may sound, I've been considering going all out and getting a dedicated router (Cisco 1921) and separating the wireless using an access point connected via gigabit ethernet. I'd still be using the ECI VDSL2 modem as the HWIC cards for the Cisco don't come cheap. I also realise that it will need configuring, which isn't anywhere near as simple as a web interface.

This is the current layout of our home network. Blue is cabled ethernet, green is wifi.


This was the idea I'd had for using the Cisco router. I've been looking at the D-Link DAP-2695 as the access point and using a pair of unmanaged 8-port switches.


Anyone got any ideas? Like whether my idea really is as nuts as I think, or whether I can get something that will be reliable without needing perpetual firmware updates. The only requirements that I have are:

  • Reliable
  • Secure
  • Port forwarding
  • DHCP address reservation

For wifi, I merely need it to cover the house, which the current TP-Link just manages. Speed on wifi isn't important provided I get sufficient bandwidth for normal web browsing.
 
Cheers, that's a big help. TBH, I get the feeling that I may be going overkill on it as it is just basic FTTC giving 75mb down 18mb up. I like to keep the connection here as gigabit in case I move up to a line speed in excess of 100mbit in the future. The server that I have is just my old Phenom II system rebuilt with a huge RAID 5 array for storage running on openSUSE. It also gets used for TeamSpeak, FTP and Plex.

Router wise, I have no need for anything like vlans or vpns that require cisco kit at either end. Size and noise are also concerns. The 1921 is as big as I'd be willing to go. The older 28xx series and the 1941 were definitely too big. Cost is the other issue as I'd rather the total cost didn't exceed £500. (a second hand 1921 and the access point uses that)

My current config for the most part works fine, just reliability that lets it down. It does get some heavy traffic internally. (usually copying/moving large files around) The internet connection only gets used heavily when downloading games via steam or when using ftp.

I have looked at the Asus RT-AC87U & RT-AC66U, Linksys WRT1900AC, TP-Link Archer AC1750 and netgear nighthawk R7000 & X4 AC2350. The reviews are all distinctly hit and miss. (TBH, I'd prefer the simplicity)
 
Yes, certainly no fun to be had if you don't go a little overboard. What I meant by wifi speed not being important, is that it isn't my primary concern, rather than it not being something I would like. (given the opportunity) The 1921 seems like a reasonable deal as I don't mind the size (we have 2 of them in work) and they seem to be quiet. I'd need both NAT and firewall to be enabled so throughput on a lower model would probably fall, maybe not below my current connection speed but certainly likely to be below the potential line speed in a few years time. It'll also be a challenge for me anyway as configuring a cisco device will be new territory that I'd like to learn.

The only remaining question:
1. Can I get it to always assign the same IP addresses to machines by MAC address rather than me having to set static IPs on the machines?
 
Well, I'll be the proud owner of a new cisco 1921/K9 ISR router at some point next week. (with IOS version 15.2)

Next challenge is to choose the interconnecting switch and the WAP.

1. Dumb or managed switch? I have an ordinary GS108 in my room already. Ideas so far:
Another Netgear GS108 (though the capacitor issue has put me off somewhat, even though I have the skill and tools to easily repair them)
Cisco SG100D-08-UK - reasonably cheap alternative to the GS108
HP 1810-8G Switch J9802A - managed switch which seems to be sensible money

2. Is the DAP-2695 the ideal access point for my purposes or have I overlooked any others? I've been looking at other brands as D-Link doesn't have the best reputation, nor can I find many reviews for this particular AP. These were the other APs I've been considering:
Cisco WAP371
Ubiquiti UniFi UAP-AC

Not fond of internal mini antennas though as that limits the range. Maybe I'm worrying over nothing regarding the d-link AP though.
 
Well, if the D-Link access point has been fine for you, I don't see any reason to avoid it as I only need it to act as an access point (so the Cisco router assigns IP addresses to clients on wifi). The all-internal designs aren't my cup of tea as I like external antennas.

I may as well go with the HP managed 8-port switch as it gives me some options that I may or may not use in the future.

Thanks for the help, it's been very useful. No doubt I'll be pestering you for further assistance once the Cisco turns up (though I've got some info about a 1921 and Infinity already which should help).
 
All ordered, just have to wait for it to arrive. I went with an HP ProCurve 1910 8-port switch over the 1810 as I prefer the metal construction and built-in PSU.
 
Still waiting on the Cisco to arrive, but the access point and switch are working well together with the TP-Link router. Not sure the range is any better than the TP-Link but the speed is certainly up; 5GHz wifi is certainly a heck of a lot quicker than 2.4GHz.
 
Yeah, I decided to split the two frequencies apart as separate SSIDs to avoid all the 5GHz devices defaulting to 2.4. Even in a poor signal area it was able to copy files at 10mb/sec; in good signal that was up around 45-50. 2.4 was around 2mb/sec in moderate signal strength. I haven't really played about with many of the settings yet, but strength/coverage of 2.4 doesn't seem superior to the TP-Link. It certainly manages the whole of the inside of the house. The old TP-Link could manage to get sufficient signal for sitting in the car on the street outside, but little of the back garden. I assume that it is possible to extend the coverage by buying another 2695 and placing it at the opposite end of the house (if I wanted to improve signal strength for the back garden).
 
The Cisco arrived yesterday, so I got straight to it after work. Finally managed to get it to work in place of the TP-Link by about 1am (started on it around half 8). Tested on speedtest and I am getting the full throughput of the connection (75mbps/18.5mbps).

Here is the startup config that's now been set.
Code:
Cisco-1921#show startup-config
Using 3305 out of 262136 bytes
!
! Last configuration change at 00:50:55 UTC Sat Nov 8 2014
version 15.2
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco-1921
!
boot-start-marker
warm-reboot
boot-end-marker
!
!
enable secret 5 $1$GAFE$d0Ah1QWpu4CUlpB27ztl2.
enable password 7 05242427751C1B24
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 192.168.0.1
ip dhcp excluded-address 192.168.0.50 192.168.0.51
!
ip dhcp pool main_dhcp_pool
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.1 
 dns-server 194.72.0.114 213.120.234.46 8.8.8.8 
!
!
!
ip domain name WesNet
ip name-server 62.239.186.73
ip name-server 8.8.8.8
no ipv6 cef
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn ********
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 no ip address
 ip tcp adjust-mss 1452
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1
!         
interface GigabitEthernet0/1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1350
 duplex auto
 speed auto
 no mop enabled
!         
interface Dialer1
 ip address negotiated
 ip access-group 101 in
 no ip unreachables
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 ppp chap hostname [email protected]
 ppp chap password 7 1415060303092F23312A1337361115190205545856571A0D0C15
 ppp pap sent-username [email protected] password 7 0111120C54060307344E6E0B0D07051D0A08062B252066303A2F
!         
ip forward-protocol nd
!         
no ip http server
no ip http secure-server
!         
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.0.0 255.255.255.0 GigabitEthernet0/1
!         
access-list 1 remark INTERNET-ACCESS
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 deny   ip 255.0.0.0 0.255.255.255 any
access-list 101 deny   ip 248.0.0.0 7.255.255.255 any
access-list 101 deny   ip host 0.0.0.0 any
access-list 101 deny   ip host 255.255.255.255 any
access-list 101 deny   udp any any range 33400 34400
access-list 101 permit icmp any any net-unreachable
access-list 101 permit icmp any any host-unreachable
access-list 101 permit icmp any any port-unreachable
access-list 101 permit icmp any any packet-too-big
access-list 101 permit icmp any any administratively-prohibited
access-list 101 permit icmp any any source-quench
access-list 101 permit icmp any any ttl-exceeded
access-list 101 permit icmp any any echo-reply
access-list 101 permit tcp any any established
access-list 101 permit udp any any
!         
!         
snmp-server community WesNet RO
snmp-server enable traps entity-sensor threshold
!         
control-plane
!         
!         
!         
line con 0
line aux 0
line 2    
 no activation-character
 no exec  
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password 7 09636C214D55423F585B56253E2F
 login    
 transport input all
!         
scheduler allocate 20000 1000
!         
end

I reckon that the line "ip name-server 62.239.186.73" has an incorrect IP address (should match the DNS from the section above). Minor muck-up where I was trying to figure out what my current BT DNS servers were (that IP is actually bt.com).

I also haven't worked out how to do the bound DHCP addresses. Should I start the "main_dhcp_pool" at 192.168.0.5 rather than 192.168.0.0 and then bind the other machines from 192.168.0.2 up?

I haven't tried to set up a firewall properly, nor have I attempted to configure port forwarding. The port issue, I reckon, is going to be the most difficult due to online gaming.
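An added example, not part of the original post or the poster's own tooling: a small Python check that walks an IOS configuration like the one above and lists the lines worth reviewing before the router faces the Internet (reversible type 7 passwords, a leftover `enable password`, Telnet on the vty lines, an SNMP community with no access list, and an unrestricted permit in an inbound ACL). The sample input is constructed with placeholder secrets, and the rule names are hypothetical labels chosen for this example.

```python
import re

# Constructed sample in the style of the config above; secrets are placeholders.
SAMPLE = """\
enable secret 5 <hash>
enable password 7 <encoded>
interface Dialer1
 ip access-group 101 in
 ppp chap password 7 <encoded>
access-list 101 permit tcp any any established
access-list 101 permit udp any any
snmp-server community <string> RO
line vty 0 4
 password 7 <encoded>
 transport input all
"""

def audit(config):
    """Return [(line_no, rule_id)] for IOS config lines that deserve review."""
    lines = config.splitlines()
    has_secret = any(l.startswith("enable secret ") for l in lines)
    # ACLs bound inbound to an interface are the ones facing untrusted traffic.
    inbound = set(re.findall(r"^\s+ip access-group (\S+) in\s*$", config, re.M))
    findings, section = [], ""
    for no, raw in enumerate(lines, 1):
        line = raw.strip()
        if raw[:1] not in (" ", "\t", ""):
            section = line  # an unindented command starts a new section
        # Type 7 is an obfuscation, not a hash: treat the value as disclosed.
        if re.search(r"\bpassword 7 \S", line):
            findings.append((no, "TYPE7_REVERSIBLE"))
        # With "enable secret" set, "enable password" is unused but still stored.
        if line.startswith("enable password") and has_secret:
            findings.append((no, "ENABLE_PASSWORD_REDUNDANT"))
        # "all" includes Telnet, which carries the login in clear text.
        if section.startswith("line vty") and re.match(
                r"transport input .*\b(all|telnet)\b", line):
            findings.append((no, "VTY_ALLOWS_TELNET"))
        # No trailing access list: any host that can reach SNMP may query it.
        if re.match(r"snmp-server community \S+( view \S+)? (ro|rw)$", line, re.I):
            findings.append((no, "SNMP_COMMUNITY_NO_ACL"))
        # A stateless "permit <proto> any any" admits unsolicited traffic.
        m = re.match(r"access-list (\S+) permit (ip|udp|tcp) any any$", line)
        if m and m.group(1) in inbound:
            findings.append((no, "INBOUND_ACL_PERMIT_ANY"))
    return findings

if __name__ == "__main__":
    for no, rule in audit(SAMPLE):
        print(f"line {no}: {rule}")
```

Run it against a saved copy of the configuration rather than pasting the configuration anywhere public, since the type 7 strings should be treated as plain text.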
 
I could get one cheap, it posed a challenge to get it to work and it was definitely going to be more reliable than the budget TP-Link. Couldn't resist the challenge really. Here it is fitted and running. I've also managed to successfully configure the manually bound DHCP pools for the machines that need fixed addresses.
[Image: IMG_5556]
 