Recently I did a massive upgrade to my home network, getting rid of all consumer-grade hardware in favour of business-grade hardware. That changeover has been massive for me, and not only did I enjoy the process — including re-learning details about VLANs, Firewalls and routing — but it has also re-ignited a spark in me to “play” more with hardware and networks.
On that front, I searched for a more self-managed routing and firewall option like the travel router I put together on a Raspberry Pi last year. In my travels, I came across Protectli hardware, and it looks like it’s just what I needed and wanted. After reaching out to them for some info, an offer to take a look at the Protectli Vault FW4C came through, which was gratefully accepted.
What is it?
Internally it’s essentially a mini PC but targeted to become a replacement router, as evidenced by the network setup. Four 2.5G Ethernet ports adorn the device: One for WAN, one for LAN and two that can be used in your choice of configuration. We’ll get into this in a later article.
On the other end of the device, you’ll find several useful connections (particularly for the early installation phase of your chosen OS), including dual HDMI, two USB 3.0 connections, a COM port and a headphone jack. If you choose to use the Vault as a desktop replacement or need Wi-Fi as part of the system, there’s an optional Wi-Fi card you can have fitted (for an extra cost) and VESA mounting capability.
What I like about the Protectli Vault as an option to replace a router is the hardware decisions made, making it viable for multiple environments. If you look at high-end business routers, they’re usually rack mount with high-flow, screaming fans onboard, not something a home user wants. The Protectli hardware has minimised heat (through the use of SSD for storage), has fins to dissipate heat and is fanless.
The Protectli Vault hardware comes without an OS installed, as there is intent for it to be used and customised to each user’s needs. The website shows that it’s been tested with multiple open-source firewall options like OPNsense, pfSense, Untangle and even some Linux distros, so there is support there for anyone who wants or needs it through official and community channels.
So what are we doing with it?
I’ve got one on the test bench, and across a month or more, I’ll be putting out several articles following this one, installing pfSense and replacing the D-Link DSR-250V2 with it, at least for a little while.
So, the following article will be a bit of a guide to installing pfSense and the basic settings you’ll need to get online. Following this, an article with more detail about VLANs, routing and port forwarding in the software.
Taking the security up a notch, I’ll be setting up my — not sponsored, but feel free to use my referral link NordVPN so that the entire home network goes through VPN for outbound traffic and finally; a bit more on firewall rules.
nb. There are a lot of people who know a lot more about firewalls and routing than I do; this will be a guide to a few things I do, with the intent that if you want to do or know more, you’ll hunt that information down.
In the short term, I plan on using the DGS-1210-10P to set up a V-LAN to one of the wall ports next to my PC so I can have both routers on the network without needing to nuke my network from orbit and easily change between the routers (for when I break something on the Vault) as the router for my WAN.
For now, if you’re keen to play along at home, you can grab a Protectli Vault FW4C or another variant from their Amazon store — this is not a sponsored or an affiliate link for revenue — and by the time it arrives, the installation article and videos should be online.
What other information would you like to see in this series of posts?
I’m assuming you’ll get it running as a router, and then install other stuff alongside?
Pihole/Adguard, VPN like Wireguard, hang a USB drive off it for SFTP or low end NAS, Plex, there’s a lot of options there.
Be good to add a bit on motivation (reason for wanting to replace consumer grade)
I think you’ll find https://www.aliexpress.com/item/1005005381093759.html is a better device hardware wise. The N100 especially is extremely low power usage (TDP of 6W) while having a lot more cpu power than the ancient celeron model you posted.
I have one of these with 32GB DDR5 ram and a nvme SSD in it and it runs Proxmox + OpnSense + PiHole for my home network and works a treat.