All About Home WifiI’ve been asked repeatedly about the best way to use Peplink gear at home - particularly how to use both a Peplink router as the main internet access gateway as well as how to install managed Pepwave Access Points to provide good WiFi coverage.
Not All Home Wifi Is The SameToday I put the finishing touches on a home network diagram that is similar to one deployed in my house but then realised that my idea of a home network is probably a little more complicated than most, so in this post I am actually going to detail a ‘simple’ home network setup and then I’ll do another slightly more more advanced one as a follow up.
Simple Home WiFi
So let’s walk through this network and how it’s set up.
Internet Access DeviceI am using a Balance One](http://www.peplink.com/products/balance-one/) as the internet access device - it’s a feature packed device, with dual WANs and support for USB cellular modem too so can load balance internet access across three active internet connections at the same time. The wired WANs can be DSL, Fiber, or any other internet connection presented on standard ethernet (like Satellite and rural Wifi broadband.
Wi-Fi Built InThe Balance One includes integrated dual band 802.11a/b/g/n WiFi radios supporting multiple SSIDs so is perfect for connecting your smartphones, tablets, laptops and other internet enabled devices.
Privacy Is the KeyIn the diagram you can see that I have configured just two SSIDs here, one called HOME and the other Guest. The idea is that you can isolate the devices on the Guest network which then means that anyone using the Guest SSID cannot access your other networked devices but they can still browse the internet.
The HOME SSID is as you would expect for all the family’s devices to connect to and these can all see each other and browse network resources, so you can cast you youtube video from your wifi connected smartphone to your wifi connected TV, and you could print to a wifi connected network printer from a wired LAN connected PC.
It’s important to secure both the Home and Guest networks with a (different) WPA2 passphrase to keep those who don’t (and shouldn’t) know the WiFi password off of the respective Wi-Fi networks. I tend to suggest that you make the Home passphrase long and complicated enough to make it impossible to remember without an aid, and the guest password something shorter and more human readable to encourage all family members to give the guest passphrase to visitors rather than the home one.
Access Points Everywhere
The Balance one has an integrated Access Point and antennas and the coverage is great from this device alone, but in larger houses, or properties that are either very old with thick stone walls or very new with masses of silver foil backed insulation in the walls additional Access Points will likely be needed. The Balance One can centrally manage up to 10 additional Access Points - not just the SSID / Radio settings but also the firmware and security settings too. So to extend your Wi-Fi network you just need to plug in an access point to the LAN of the balance one and turn it on.
POE Makes Installation EasierThe diagram shows three AP One AC Mini Access Points ](http://www.peplink.com/products/enterprise-access-point/pepwave-ap-one/#acmini)which have really great specifications](http://www.peplink.com/products/enterprise-access-point/feature-comparison/):
-
Latest Standards: 802.11ac/a/b/g/n Dual Band (2.4Ghz & 5Ghz) Dual Radios
-
Great Throughput:300Mbps on 2.4Ghz and 866Mbps on 5Ghz
-
Tiny enclosure : 98mm x98mm x 19.7mm
-
Power over Ethernet Support.
One AP is directly connected to the Balance and the other two are connected via an intermediary network switch. The benefit of the switch is that it is Power Over Ethernet Enabled, so the remote access points are both connected to the network and powered using a single run of data cable. This makes installation easier as you don’t need the Access Point to be installed near an existing mains power outlet as the included 12V power adapter is not needed.
Management Made EasyAs mentioned before, the Balance One can act as an Access Point Controller](http://www.peplink.com/technology/ap-controller/). This means that you can manage the settings across all of your connected APs using the web interface on the Balance One itself. So one place to create the SSIDS, set the passphrases for WPA2 Authentication etc.
You can also remotely monitor and manage the Balance One using our public InControl 2 Service](http://www.peplink.com/products/incontrol-2/). This lets you monitor your bandwidth usage, see which devices are connected and when and how much data they are using and even control when an SSID is available for use on a time schedule basis.
Additional NotesManaging BandwidthYou can add additional SSIDS to this environment if so desired for bandwidth and user/device management. For example you could add a dedicated SSID for grown ups and another for the children in your home, and disable the children’s SSID after 9pm at night to keep them off the internet, whilst your devices connected to the parents SSID would still be able to access the web fine. Or you could use QoS and Bandwidth control to guarantee bandwidth allocation to your main devices in the home (like Netflix on your smart TV), limiting the possibility that other devices might hog the connection.
Web FilteringIf there are children in the house you will likely want to actively filter and limit their access to the internet to protect them from certain types of content.
At this time the current firmware (fw 6.2.2) does not support inbuilt category based web-blocking, but the good news is that this is planned for the next firmware release (6.3) due by the end of the year.
In the meantime I have written a blog article](http://www.martinlangmaid.com/blog/provide-web-filtering-peplink-networks/) showing how to configure DNS based websiltering which is a good stop gap measure.
Remote Access & ManagementThe Balance One can be managed from anywhere using InControls built in Remote Web Admin Tool](Incontrol 2 : Remote Web Admin is Ridiculously Useful – Martin Langmaid – SDWAN Architect) which gives you direct secure access to the Balance web admin interface from any internet connected device, and it can be managed by our smartphone app Router Utility](http://www.peplink.com/products/router-utility/) for Android and IOS too. Both methods provide email notifications on key events (like WAN failure).
You can also set up remote access to your home network using PPTP VPN to the Balance One or if you have another one of our devices you can use PepVPN to easily create a device to device VPN.
A recently released feature on InControl 2 is find my Peplink where you can set up a dynamic dns address for the router too (eg http://ourhouse.mypep.link](http://ourhouse.mypep.link))
Internet Load Balancing ManagementAs mentioned the Balance One can use up to three Internet connections and by default all outbound internet access is load balanced across the health available links. You can however have full granular control ](http://www.peplink.com/technology/load-balancing-algorithms/)as to how each WAN link is used, perhaps only using the USB cellular connection if all other internet WANs are unavailable and also restricting its use by a key device or group of devices (such as the home office PC’s) to reduce the amount of bandwidth consumed.
You can also send certain types of internet traffic over specific WAN connections, so if you were using both a low speed DSL and a high speed Satellite internet connection for internet access you might send VoIP, Skype and online gaming traffic over the DSL because it is lower latency and Netflix or other big bandwidth apps over the satellite connection.