Saturday, December 30, 2017

Tech Review: Asus RT-AC3100

After finally getting fed up with my old router dropping devices, locking up, and corrupting firmware, I decided to get a new one. Working in IT, one would think I had a good idea of what to get, but I only had a list of brands in my head to avoid. So off to the Googles for lists of good routers. I came across some various Asus routers and figured I would check their site for what they have to offer. Generally my goal is to go for a newer device to avoid upgrading for as long as possible. In this case, it was a matter of I need something that also works well.

So after a same day in store pick-up, it was time to set up a brand new router. So as far as basic setup to get going, it was so simple and quick that I don't remember any of it. Seriously, it was simple with a fully guided setup. For me, that's too boring. After it was setup, it was time to fine tune and update. The control panel for this is nice, however setting IPs manually is very annoying and was hard enough to find where to do it. There is also a rather bad disconnect between what you can do with the phone app for it and what you can do on the actual control panel.

When it comes to security, it has a guided scan for that, making it easy enough to lock down the features. The one thing that annoyed me is that if you don't go through the security stuff, it has a lot of outside access enabled. I turned off all of the dydns stuff and it's actually in its own NAT anyway, so that won't work. Reason for that is I have a business class router that gives me four separate networks I could configure, but I just use one and only really have it because I use too much internet. As far as all the security options, a quick run through is:

  • Change default login
  • Strong wifi password (mine is way too long but it keeps others from learning it)
  • Wireless encryption
  • WPS disabled
  • Ping from WAN disabled (doesn't do much in my case because the WAN is a private network)
  • DMZ disabled (WAN is private, so not much of a problem either way in my case)
  • Port trigger disabled
  • Port forwarding disabled (If you lock down your device, this doesn't matter too much)
  • Anonymous login to FTP disabled (I keep FTP disabled as a whole because it's plain text, they need to add SFTP)
  • Disable anonymous login to network shares
  • Malicious website blocking enabled
  • Vulnerability protection enabled
  • Infected device prevention and blocking
These are all good things, especially when you share a network or even have kids using it. My niece was using her new laptop she got for Christmas while she was over and I noticed she clocked on an ad which took her down a string of fake search engines. I feel having a safe network both outside and in will be quite necessary in the not so distant future.

The parental controls on this seem quite simple, I have not tested to see what catches them though. I'd imagine that I'd trip off parental controls quite often. The options are to block porn, violence, gambling and illegal stuff (sounds like a good weekend to me), messengers, social media, file sharing and streaming. Basically everything that runs into either age restrictions or COPPA.

Now the QoS stuff is my favorite. It doesn't do much on a not so heavily used network, but it has all the monitoring stuff there for you to view. It's very basic in controls and I don't know how much of an impact ia will have, but games and streaming are high priorities for me, so that's the gist of my setup. There's also further information in a traffic analyzer that can give some more insight into individual device usages.

A feature I have setup and plan to use quite a bit is the samba share. I have a 2TB external that I keep for backups, but since it is NTFS that can cause some problems. Luckily, every modern device known to man now seems to support samba, so we can dance the night away with some file transfers. I have noticed that while trying to move files off of a time machine to the hard drive, it times out quite often. I think that's just a culmination of other problems and aging hardware. You can isolate file permissions, but keep in mind that the router login will have full access to everything. You can remove its access but when I tried that, everything came apart at the seems. I couldn't write to the drive.

One feature I have enables that I think will prove to be very useful is the IFTTT options. I have my phone text me when someone connects to the network. One major security hole I see though, is the Alexa support. When you can voice command your router to do things like turn on a guest network or even administration stuff, that just seems like poor design. Voice recognition is not secure, so why add it to something you are trying to keep secure?

The last feature I want to touch on is the mobile app. It works. It's not great. It makes a good monitoring tool and the family feature lets you group devices together per person to either check their usage or quickly block someone entirely from the network. You can check on things and do some basic tasks quickly. I personally want more, but I can't fault it on that. I fault it on the fact that some mobile features are not available on the control panel as far as I can find and the same goes the other way. This is the disconnect.

I could go on for quite a while point by point with features and such, but the rest are boring. So quick overview: firewall, url filtering, keyword filtering, dual wan with fallback and loadbalancing, 3g/4g through usb devices, ipv6, vpn, WTFast integration, ssh (yay!), telnet (why?!), ping, traceroute, and nslookup. There are probably other things I missed, but whatever.

So, coverage and reliability. I live in a small house that was not designed with networking in mind. This router is made for large area coverage. My signal goes all over mu .98 acres and beyond. I have no idea where the signal ends. I have not had a device drop off for the two days I've had the router, but here's the thing. There is the AC88U that is the same 3100 class router, but with an extra network card that has 4 more ports. That one has a lot fo complaints about it just suddenly not working or things dropping off. I imagine it's a bit of user error and a bit of hardware not playing nice. This is just a guess. There were fewer complaints about that on this router, and by fewer I mean enough to chalk up to purely user error, mishandling, or actual defects on those specific devices. So I'm confident that it will hold up fine.

Now for the conclusion. Yes I would recommend it to others, even the less tech-savvy. In fact, I think it was made for the less savvy with a few bones thrown for the more technical minded. I've personally never had a problem with Asus before, but I have had problems with some of the pairings with Asus. So until the router decides to go down in a blaze of glory, I'd say it's a good deal. It's not cheap, but seeing as it is the only device that will be the backbone of most people's home network, it's something you should spend a little extra on.

Now for some after stuff of my network. I got a business class router/modem thing from Xfinity that I'm not going to check what the model is because that requires getting up. I just use one port right now that goes to the router. The router goes off to a very old switch that goes to everything else in the house. I have a newer switch, but that is in the office right now because I was working on stuff but then the RAM died and I'm too cheap and lazy to replace it right now. One of the ethernet cords goes to the entertainment center, which has an old time machine acting as a switch because reasons. I need a couple of new switches, but I'm too cheap to mess with what seems to work for now. The old switch is an HP procurve 8 port managed piece of junk and the newer one in the office is an unmanaged Cisco 8 port. I got the managed one to mess around with vlans, but I don't have anything that has a reason for that, so that's just me taking ideas from work home with me for no reason other than it's fun. Eventually I will do everything all proper, but for now it works.

Tag Cloud

.NET (1) A+ (2) addon (6) Android (4) anonymous functions (5) application (10) arduino (1) artificial intelligence (2) bash (4) c (7) camera (1) certifications (4) cobol (1) comptia (4) computing (2) css (2) customize (16) encryption (2) error (19) exploit (17) ftp (3) funny (2) gadget (3) games (2) Gtk (1) GUI (5) hardware (7) haskell (15) help (8) HTML (6) irc (2) java (5) javascript (21) Linux (20) Mac (5) malware (2) math (8) network (9) objects (2) OCaml (1) perl (4) php (9) plugin (7) programming (42) python (24) radio (1) regex (3) security (25) sound (1) speakers (1) ssh (3) story (1) Techs from the Crypt (2) telnet (2) tools (15) troubleshooting (5) Ubuntu (4) Unix (4) virtualization (1) web design (14) Windows (8) wx (2)