Best Home Network Setup
As an IT Admin I get a lot of questions about people’s home network. What is the best home network router? How do I optimize my wireless network? Which network switch should I buy? And I completely understand, these days there are some many products and the technology keeps improving (wireless B/G/N or AC? or 2.4ghz or 5ghz?)
In this blog post, I will advise you which router, switch and/or access point you should buy, how you connect everything and give you some tips on setting up your home network, so you have the best home network for your money. If you have any question, just let me know.
- 1 Planning your Home Network
- 2 Best Home Network Router
- 3 Home Network Switch
- 4 Home Wireless Network
- 5 Home Network Setup
- 6 Home Network Security
Planning your Home Network
Before we start buying the network gear, first figure out what we need and what we want to accomplish with our home network.
- What is the layout of your home and where do you want to have internet? Just inside or do you also want to use the WiFi in your garden?
- Wired or Wireless? Most devices can connect over WiFi, but for streaming and gaming, a wired connection is better.
- Do we need to access the company network over VPN?
- How many devices do we need to connect wired?
So taking these points into consideration, we need to plan for a network that is suitable for now and the upcoming 3 to 5 years. More and more devices require an internet connection these days, most wireless, so a good wireless coverage is important.
Also, keep in consideration that kids grow up, get there own mobile phone and might have a computer or game console in their own room.
Best Home Network Router
The first thing we need is a good network router. Your ISP will provide you with a modem/router which sometimes also has a built-in access point. So you might think, why not use just the default modem/router? Well, you have no control over security, the features are limited and the WiFi coverage is terrible. Besides that, the modem/router from the ISP needs to place close to the internet cable, which is in most cases not place where you want to use the wireless network.
What are we looking for in a router is a device that is easy to manage, fast (amount of packages per second) and fanless (fans make noise and attracted dust into the device). What I don’t care about it there WiFi performance. A router is never placed in the optimal position for a good WiFi coverage and because a good WiFi coverage and speed is the most important part of a good home network you really shouldn’t save money on buying a good access point.
I am a huge fan of the Unifi product line for home and small business networks. The Unifi line uses a web-based controller which you can run on your computer or with a cloud key. You can use one controller to manage all your Unifi devices, get a clear overview of your network performance and connected clients.
The performance of the devices is enterprise-grade, the prices really good. They support all the must-have features, like QoS, Advanced Firewall, VLAN support and VPN.
Netgear has always done a decent job on networking. Their products a reliable, the web interface is ok, not centrally managed though and the pricing really low.
The N750 has VPN support, is compatible with Time Machine and a great feature is the USB storage access. This way you can connect your USB hard drive to access it from your network (or smart tv for example)
One of the best Netgear routers out there, spend the few extra bugs and buy at least the AC1900 which has dynamic QoS. QoS prioritizes the network traffic, for example, Streaming, Video Conference traffic is more important than download traffic. So this is given a higher priority and is handled first over the network.
If you don’t want or can’t place a separate access point, then this the router you should get. The WiFi performance is great and blazing fast.
Wait, what, is that title correct? We are in the router part here… Yes, I know, but this is something different, something new. And as a tech guy, I like new. Google created a Router replacement set, it uses multiple Wifi Systems that takes care of the routing and Wifi Coverage.
Don’t make the mistake of just buying one of these, that just won’t work. To make full advantage of this technology, buy at least two or three to create a mesh network in your house. Because of the nice design, you can place these in view everywhere in your house.
Home Network Switch
Connecting network devices by wire is the best solution if you want stability and performance. Wireless networks are prone to interference which can be really frustrating when you are watching your favourite series on Netflix or competing in an online game. So when you have the opportunity, pull cables to every location in your house to ensure a good, reliable, home network.
When I remodelled my home I pulled some extra wires to the TV and HiFi set. Yes, the Smart TV supports WiFi, but the built-in antenna is surrounded with metal which weakens the signal. And I hate it when Netflix keeps buffering, so if you have the chance, get an ethernet cable between your TV and router.
How many ports do you need?
So as part of our home network setup, we need a good switch to connect all the devices together. The most routers come with 4 Lan ports, so if you are only going to use WiFi in your home, then a switch is not needed. In all the other cases, I recommend getting at least an 8-port switch to connect everything. Why 8-ports? Well, let I take you through a short list of common network devices:
- You need one port of the switch to connect the router
- Access point ground floor
- Access point second floor
- NAS (Network Attached Storage / External hard drive)
- Smart TV
- Game Console
- Smart Thermostat
- Office / Computer
You see, nothing really special here and I already used the 8-ports. When buying a switch keep the following in mind:
- PoE support, this way you can connect an access point with only an ethernet cable.
- vLAN support, you want to separate you guest network for your own.
- Gigabit Ethernet speed
To take full advantage of the Unifi products, we will go with a Unifi Switch with PoE. The PoE allows us to connect the Unifi Access Points with only an ethernet cable, eliminating the need for a PoE adapter.
The Unifi line is again enterprise grade hardware for a good price. Combining all the Unifi products will allow us to manage our home network with just one controller. It will make your life and network a lot easier.
If you need more then 8 ports, I suggest you go for two Unifi switches, an US-8-150w and a normal US-8. The 16 and 24 ports Unifi’s have built-in fans which can make some noise. The 8 ports are fanless.
Netgear ProSafe series
The ProSafe series is the best choice for home and small business. They can be wall mounted really nicely, have a lifetime warranty and all the essential networking features.
So these are my two goto switches, I have used them both many times and they never let me down.
Home Wireless Network
For every business or home network setup, I just use one brand for the access points, Ubiquiti Unifi. Why? Because they are so easy to manage and have such a great performance that they are the best value for money in my opinion.
So to get the best wireless network, we need to understand the layout and structure of our house and identify the places where the most Wireless devices are. Yes, you can place an access point in the hallway, but if there is a concrete wall between the hall and the living room, then your wireless signal will suffer from the concrete and rebar.
Unifi has multiple access points, you can read more in this article on choosing the right access point for your home network and installing the access points.
Home Network Setup
We now have all the gear we need to build our home network, if you go for the all Unifi solution a recommend getting a Unifi Cloud Key With the cloud key you can manage your home network from the cloud and it eliminates the need for a local controller (which you can install on a Raspberry Pi for example)
So we have all the parts, but how do you set it up? First a little diagram of how your network could look like:
As you can see we have a modem that we got from our ISP, the Router (USG in this case), a switch, multiple access points and a cloud key. I always give network devices a fixed IP-address and use DHCP only for the clients. This way you know how and where to reach your network equipment when something is not working.
Step 1 – Connect the router to the modem
Most ISP’s combine a modem and router into one device. This way you can just plug in your computer and it all works. But we want the best home network setup possible, so we need to “disable” the router function of the ISP’s modem/router. What you will have to keep in mind is that every router you buy has a fixed Ip-address already set from the factory and 9 out of 10 times it is 192.168.1.1 and that’s a problem.
Change Ip address and DHCP
Just press Windows key + X and goto run. Type cmd <enter> and type in the good old dos box the following command:
It will give you a result similar to this:
As you can see, the default address of my ISP’s router is also 192.168.1.1, so when we connect our new router to the one of the ISP we will get a conflict. So first you need to login to your ISP router, on http://192.168.1.1 and change the IP range in the DHCP settings to something like 192.168.20.10 – 192.168.20.100 and make the IP-address of the router itself 192.168.20.1
And because we are logged into our router, we might just disable the wifi so we don’t have to come back later. Find the Wireless settings page and disable the WiFi so it won’t interfere with our new access point.
Connect new router
We now can safely connect our new router, just connect a cable between a LAN port of your ISP router to the WAN port of your new router. And because we need our computer connected as well, a cable from a LAN port of our new router to your computer:
old router-> new router/usg[wan1] + new router/usg[lan1]->computer.
In case of a Unifi USG router, you now need to connect the Cloud Key to setup the controller. This way you can adapt all the network devices. I won’t go into detail about this now.
Step 2 – Connect the switch
This one is pretty easy, just put a cable between a LAN port of your new router and the switch. If you have a managed switch, then check the documentation on how to login into the web interface. Some switches come with a fixed IP address, other have a tool to find the device. What I often use in for me strange networks, is a small program called Advanced Ip Scanner. This small, free tool, scans your network and list all connected devices and their IP-Address.
When you are logged into to switch, give it a fixed IP address, so you don’t have to search for it again.
Step 3 – Access Points
Depending on the access point you got and the switch that you’ve bought, it can be as simple a connecting an ethernet cable between the switch and access point. But when you have switch without PoE, then you need to place the PoE adapter between the switch and access point.
If you did go for the Unifi access point, and you should, then open the Unifi Controller (or app if you want to install them without controller), adopt the access points. A full guide on how to install the Unifi Access Points can be found here
The best location for the access point
The placement of the access point is really important, placing it in the right location makes all the difference in a good wifi connection or not. In the Unifi Controller is an option the create a floorplan with your devices placet on it. You can use this map to find the perfect location for your access points. The map allows you to draw a different type of walls, each with their own characteristics. Next, you can place your access point on it and turn on the heat map. You will see how much of the signal is blocked by the walls, doors and windows, so you get a good idea what the perfect location is.
I made a few examples to give you an idea. In the first floor plan, the access point is placed at the entrance. It’s typically used location because people don’t like the few of an access point on the ceiling of there living room. As you can see, the 5G coverage in the living room is poor, the slower 2G coverage is ok.
When you place the access point in the living room, where the most of the wireless devices are, you will get a good connection with great performance. So I really suggest that you first draw up your floorplan in the controller, so you can find the best location for the access point.
Home Network Security
Separate Guest WiFi Network
After we have done our home network setup it’s time to think about the security of it and the devices on it. We all get guests in our house, it can be friends, family or relatives and they all have a cell phone. You might be tempted to give them your WiFi password, but what if their device has malware or a virus on it? Your network could be infected as well.
Most modern access points allow you to create multiple SSID’s (WiFI networks), so create one for your guests. But that’s not all you have to do, the goal is to separate the guest network traffic from your own network. And that’s where vLans comes in (remember what to keep in mind when looking for a new switch).
Create a separate VLAN for your guest network to keep your network safe. When creating a VLAN your need to create the VLAN on the router first, and then assign the VLAN to the guest SSID in the access point.
Scan internet traffic
To keep our home network safe, we need to prevent malware and other malicious traffic. This can be done with a free service called OpenDNS. When you browse the internet, every URL you type is converted to an IP address. So when you type www.google.com, it’s converted by a DNS server to the correct IP address (for example 188.8.131.52 ). This conversion is done by DNS servers, and there are many DNS server available. Your ISP has one, Google, Microsoft etc.
What OpenDNS does is keeping a list of known malicious servers. When your computer makes a request to www.fakebanksite.com it will check if that site is on the known list and block the traffic. This way it protects you from phishing and other malicious websites
OpenDNS is free for personal use and I really recommend using it. All it takes is changing the DNS servers in your new router to their DNS server to protect your network.
Change default network name (SSID)
New routers and access points come with a default WiFi network name (SSID) and password. You should always change this immediately after your connected everything. Hackers can easily guess the password based on the manufacturer of the router or access point. Choose an SSID name that doesn’t give away any personal information like your family name or address.
Regular update the firmware of your network appliances
All network appliances, router, access point, switch, smart devices, printers, need to be updated regularly to keep them secure. Creating a good home network isn’t a one-time task, you need to keep it updated. The firmware updates can address security vulnerabilities and improve your network device’s performance. So every two months or so, check for the latest updates and apply them to the devices.
If you are using the Unifi network gear, then you can check it easily for all the devices from the controller.
I hope you found this guide useful, if you have any question or suggestions, please let know.