Router with VLAN support & parental controls

Haggisman

Haggisman

Haggisman

Soldato
Joined
6 Oct 2004
Posts
18,967
Location
Birmingham
In the process of updating my home network - slowly getting there, and now looking for a router to connect to my VM hub (in modem mode).

In particular I need:

VLAN support
Decent parental controls
Easy port forwarding

I currently have an TP-Link Archer C5400X, which is (was) a relatively high end consumer targeted "gaming" router, so it has quite a few advanced features, and in particular the parental controls are pretty comprehensive and easy to use.

Along with separating things like the CCTV system and IoT devices, my oldest is coming up to 13 now, so ideally I'd like to segregate him from the rest of the network on his own VLAN, for when he invariably downloads some dodgy stuff and tries to infect us all :rolleyes:.

That obviously also means I need some level of parental controls - at the bare minimum the ability to set on/off times on specific devices, and some level of web-filtering

I also run a server with a few dedicated game servers, so need to be able to port forward to that easily.

A few options I've seen suggested online include the TP-Link ER605 and Ubiquiti UCG-Ultra, but the parental controls on these seem relatively non-existent? Unfortunately it seems there's very little crossover between business and consumer devices - if I want VLAN support then I need a business device, for parental controls I need a consumer device.

The other option is a dedicated firewall - seen lots of mentions of Firewalla, but while the Purple looks ideal, the ~£400 it will end up being after shipping & import duty is a bit excessive!

Any suggestions on a router which ticks those boxes, or a separate firewall (that doesn't cost the earth) which I can add in?
 
Not the greatest at this but thought I would give it a shot.

Have you considered OpenWRT?

Parental controls seem decently robust: https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_parent_controls Scroll down a little for the section for on/off times: https://openwrt.org/docs/guide-user..._controls#time_restriction_of_internet_access

VLAN info here (I think most of it can be done from the web interface also): https://openwrt.org/docs/guide-user/network/vlan/switch_configuration

As for web filtering obviously something like Quad9 or OpenDNS can help. Port forwarding is obviously supported but I wouldn't call it "easy". On some reading they do redirect rules: https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_nat

If anything isn't totally obvious the forums of OpenWRT are a decent way of getting help to see if it would actually suit your requirements (I think it does anyway). Sometimes they do expect you to have atleast tried stuff and not just going in to be spoon fed the answers... depends who replies.

The beauty of OpenWRT is you can get it to run on really cheap hardware but since you have VM (likely a Gig speed or thereabouts) and a family you might need something with more grunt. GL-MT6000 is a decent shout. If you're not in a rush it will be on sale soon for around £115.

Sorry that's about the limit of what I know. :p
 
Last edited:
you can pick up Cisco 2960 switches on ebay for around 30 pounds, will do the job for VLAN and also added bonus of being POE ports.

www.ebay.co.uk

Cisco Catalyst 2960-S Series PoE+ WS-C2960S-24PS-L 24 Port PoE+ Switch with 4... | eBay

Make: Cisco. Type: Switch.
www.ebay.co.uk

For the other bits, build an pfsense box on a fairly old desktop (I use a i3 Gen 3 CPU) and will do the content filtering and far more.

My setup as follows

VM Hub in modem only mode --> pfsense box --> Cisco 2960s switch
 
My god, that's huge, if I had space for a proper rack somewhere then maybe :p

Decided to try the Ubiquiti UCG-Ultra, seems a nice bit of kit, watched a few videos and it seems it is possible to do what I want using DNS settings
 
You must log in or register to reply here.
Back
Top Bottom