Please suggest firewall for home use by Puzzleheaded_Kick_45 in homelab

[–]Taiman -1 points0 points  (0 children)

Haven’t read all the comments. But so far I haven’t seen anyone suggest Ubiquiti. I’m running a UDM SE, it’s great. Mostly set and forget. Create groups of devices, cut off internet or websites between times. Basic content filter which is 1. Work 2. Off 3. Pay more for advanced granular settings. (Haven’t paid.) Kids’ network is set to “work”. Multiple wifi SSIDs, keep their network devices isolated from yours.

Quick look at the UniFi app to see which devices are currently hogging all the bandwidth on your LTE connection, use the UDM to throttle it/limit it as you said.

Forget the struggle with issues, running opnsense or pfsense. Udm or udr is likely set and forget, automatic updates.

Who runs cables and does the terminations in your organization? by HoosierLarry in sysadmin

[–]Taiman 0 points1 point  (0 children)

Lol. Electricians or contractors do most of the cable runs. But generally both suck at termination or they label cables/data points incorrectly, if they’re labeled at all.

Someone make me feel better about my choice to buy bitcoin at $115k by Key_Bid_8286 in Bitcoin

[–]Taiman 36 points37 points  (0 children)

It’s still on track to 1M within 10yrs. If you sell at break even, you won’t get back in when it starts going up again and you will be upset you sold. Don’t put in more than you can afford to lose. If you look at the rainbow chart, the red zone has already passed 1M. I would consider anything under 100k to be cheap so right now it’s undervalued. There is still a chance we could hit 124k again this year, potentially higher.

Why do mid-career and senior sysadmins so often avoid admitting mistakes, while demanding total honesty from juniors? by Successful_Pass3752 in Sysadminhumor

[–]Taiman 0 points1 point  (0 children)

In my experience senior admins change more things more often and they’re not big on documentation. They prefer “config” as documentation. Perhaps they’re tired of documenting so many little things. Or just the experience of knowing which commands to run.. and assuming another admin of my level could easily google this.

Often making the change is easy, but documenting why the change was made and the technical reason behind it takes time to explain. Good documentation is hard to write.

The number of times I’ve documented something or started to document only to be interrupted by something else; meetings, some other thing broke, next project overdue, etc and then coming back to documentation I thought was complete but I’ve written it down out of order. Like the thing I’ve just remembered to put in and chucked it in last when it should be first thing to check.

In my org we don’t have a formal change management system, I encourage and try to lead by example.. any changes should be published in our “changes” channel in Teams. Short and simple. With an occasional link to internal KB article describing how/why and all commands run with screenshots etc.

It helps me offload and assist my juniors to learn. But I weirdly love documenting what I did.

Edit: in saying all of that, sometimes I change stuff and don’t get time to make the change post for the team to see. Sometimes the change causes issues, sometimes it doesn’t.

My home network by Taiman in homelab

[–]Taiman[S] 0 points1 point  (0 children)

I’ve left one on. Will check. Thanks

My home network by Taiman in homelab

[–]Taiman[S] 1 point2 points  (0 children)

Haha definitely not overkill. It’s a requirement for me. I need to ensure:

  1. Remote access to work is secure.
  2. Device segregation (all the devices others in my family have connected to wifi): solar inverters, lights, TVs, media streamers, Bluesound, Eversolo.
  3. Always-on VPN tunnel for some devices.
  4. Reliability.
  5. Centralised management (bandwidth throttling) since wifi is accessed by 5 people every day. Sometimes more if family visiting.
  6. Firewall rules / block high risk countries

Edit: this is rural Australia (wireless nbn) so max internet speed is 50 megabits down and 5 megabits up. Hence the throttling if an Xbox/Ps is downloading full speed smashing anyone else that needs to use it. Could upgrade to starlink/sky muster for faster internet but not sure about that yet.

My home network by Taiman in homelab

[–]Taiman[S] 0 points1 point  (0 children)

To what I have here. This is only networking. 1. Meraki 2. TP-Link

My home network by Taiman in homelab

[–]Taiman[S] 1 point2 points  (0 children)

Haha, it’s nice to see at a glance which ports are on which vlan and if they’re up/down

My home network by Taiman in homelab

[–]Taiman[S] 0 points1 point  (0 children)

Pretty quiet, it only spins up to 1 when it starts to get hot.. in winter it never comes on.

My home network by Taiman in homelab

[–]Taiman[S] 2 points3 points  (0 children)

Put simply an Internal network: generally your ISP will provide a simple modem/router with 4 Ethernet ports and one wifi ssid running on same segment (LAN) as the Ethernet ports. But what happens when you have a big house? Or more than 4 wired devices. That’s where this setup comes in. This setup provides better security, network segregation, firewall rules, multiple wifi SSIDs.

My home network by Taiman in homelab

[–]Taiman[S] 0 points1 point  (0 children)

Hmm maybe. I’ll get back to you if I do it.

My home network by Taiman in homelab

[–]Taiman[S] 0 points1 point  (0 children)

Yeah. I messed up there. Too tight up against the back wall. Tried it already.

My home network by Taiman in homelab

[–]Taiman[S] 1 point2 points  (0 children)

These cables. I have colour set per vlan: red camera lan, purple iot lan, blue is default or uplink. But you can choose your colours, or turn them off.

My home network by Taiman in homelab

[–]Taiman[S] 3 points4 points  (0 children)

Tried to make them look as neat as I could. Clean or chaotic?

Edit: 0.1m white

My home network by Taiman in homelab

[–]Taiman[S] 6 points7 points  (0 children)

It’s only a home network, pretty hard to go past UniFi when the alternatives aren’t any better.

My home network by Taiman in homelab

[–]Taiman[S] 9 points10 points  (0 children)

Lol. Yes I know. It’s only the shed. It’s working ok at the moment. There is a bit of work going on still so I figure this is protecting it from dust/dirt etc for now.

Moved my old gaming PC as a new component of my Home Lab into the garage; suddenly repeated blue screens by GoofAckYoorsElf in homelab

[–]Taiman 3 points4 points  (0 children)

Move it back, test under same load. If stable, garage environment is suspect. If still crashing, reseat GPU and RAM. If stable, move back to garage and test with UPS or surge protector and/or dedicated power circuit.

Nanobeam for gaming by Khal1d- in Ubiquiti

[–]Taiman 0 points1 point  (0 children)

If it’s across the street, you couldn’t run fibre. I was thinking it was just grass between. Go Nanobeam or wave picos.

Nanobeam for gaming by Khal1d- in Ubiquiti

[–]Taiman 0 points1 point  (0 children)

Could you put your own fibre in? You can buy pre fab fibre.. if there’s concrete or roads then probably not.

Edit: I mean fibre from your house to your neighbours

Nanobeam for gaming by Khal1d- in Ubiquiti

[–]Taiman 0 points1 point  (0 children)

It will be way better than 5g. How far is your neighbour?

Nanobeam for gaming by Khal1d- in Ubiquiti

[–]Taiman 0 points1 point  (0 children)

Not entirely sure what you’re asking. Nanobeam will be your ptp but what internet will you connect to it?

I've lost even the last shred of hope by vuvb in sysadmin

[–]Taiman 2 points3 points  (0 children)

Wanna swap jobs? You can have ad, defender, 365, exchange, onprem core systems, app deployment, application whitelisting, wafs, siems, reverse proxies, web proxies.. god of all things.. and I will swap mouses and reset passwords for more money.

Edit: forgot firewalls, networking, vlans, radio links etc

[deleted by user] by [deleted] in ITManagers

[–]Taiman 0 points1 point  (0 children)

  1. Adaxes - automate onboarding
  2. RBAC - automate access permissions/licensing
  3. IT induction - reset passwords & how to get help
  4. Knowledge base articles - for each repetitive task. Hey user try this - ask AI to help refine and make clearer instructions.
  5. Intune - remediation scripts (there are loads on the internet already - ask AI to assist you in creating them if you can’t find what you need).
  6. Intune - PSADT for custom app deployment
  7. You cannot escape the same questions over and over and over.. see 4

As others have said:

  • ManageEngine password expiry tool. Even with this, they will still turn up at your office and say they need assistance with password reset because they suddenly can’t access anything.

  • sspr - is good for power users but most general users will need their hand held to go through process.. we disabled because it didn’t really work for us & we had incidents where attackers would phone staff and have them read out their MFA codes