OpenWRT and Sophos XG on a XG105W?

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › OpenWRT and Sophos XG on a XG105W?

kiwibum

114 posts

Master Geek

ID Verified

#300571 19-Sep-2022 12:19

I've been given a Sophos XG105W that I'm hoping to replace the no longer supported Grandstream GWN7000 router I have.

Have a Voyager 300/100 fiber connection with two basic home users and about 10 devices (generally not on all at the same time). Main use is email, webpage surfing, youtube, watching netflix, which all work fine on the current GWN7000, at some stage I would like to add remote access to file server via wireguard. We have no intention to upgrade to faster connection.

I understand OpenWRT will run on the XG105W (CPU: Intel Atom Dual-Core @1.3GHz, Memory: 2GB DDR3L RAM, Storage: 64GB M.2 SSD) but I don't know how well. I'm also aware the XG105W can be upgraded to 8GB RAM and a faster SSD if this helps.

Anyone here had experience with OpenWRT or Sophos XG on similar spec hardware and can advise me if these would be suitable for my connection and basic needs on this XG105W?

Anyone tried both OpenWRT and Sophos XG have recommendation to one or the other? I haven't time to try either yet but read a little about them, I'm familiar with Linux hence considering these over other options, I'm more inclined towards the open source option at the moment.

Spyware

3769 posts

Uber Geek

Lifetime subscriber

#2970089 19-Sep-2022 12:50

Mikrotik is another super option, e.g., RB5009 https://mikrotik.com/product/rb5009ug_s_in

Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.

PANiCnz

990 posts

Ultimate Geek

#2970278 19-Sep-2022 18:12

Should be fine for 300/100, 1000/500 is probably too much for that hardware.

I run OpenWRT fine on a RPi4 with a 300/100 connection.

Performance will be CPU bound so no real need to upgrade the RAM or SSD.

kiwibum

114 posts

Master Geek

ID Verified

#2970293 19-Sep-2022 20:06

Thank you, that is what I needed to hear. Didn't want to spend a lot of time and find it would be worse than the grandstream.

PANiCnz: Should be fine for 300/100, 1000/500 is probably too much for that hardware.

I run OpenWRT fine on a RPi4 with a 300/100 connection.

Performance will be CPU bound so no real need to upgrade the RAM or SSD.

eonsim

398 posts

Ultimate Geek

Trusted

#2970316 19-Sep-2022 22:33

1000/500 works fine on a NanoPi R4S + OpenWRT which is slightly slower (2xA72 + 4xA53 vs 4xA72) though with more threads than a RPI4.

kiwibum

114 posts

Master Geek

ID Verified

#2970355 20-Sep-2022 08:57

Thank you, I doubt we will ever transition to anything faster than what we have, however that is very good to know it will cope with it if we need to go faster.

eonsim:

1000/500 works fine on a NanoPi R4S + OpenWRT which is slightly slower (2xA72 + 4xA53 vs 4xA72) though with more threads than a RPI4.

mcraenz

1140 posts

Uber Geek

#2975450 30-Sep-2022 13:37

I use Sophos XG in a VM on an ESXi host (HP mini PC - i5-7500T). They have a free version which allows up to 4 vCPU and 6 GB of RAM. I've tested it up at 800Mbps with IPS enabled.

Free Home Firewall | Sophos Home Edition Firewall

I haven't used OpenWRT for 10+ years but I do really like Sophos XG, it's getting closer to a real enterprise-grade FW. Still no Check Point or juniper but compared to the Ubiquity EdgeRouter lite it replaced it's MUCH nicer to manage. Especially important to me as home network is currently running about 10 vLAN segments for various purposes.

But you won't get the more 'cutting edge' stuff like wireguard with Sophos XG. Personally I run a separate Linux VM for that.

It also doesn't support DHCPV6-PD so I can't make easy use of the IPv6 with 2Degrees. In any case I do prefer to separate a virtualized FW.

Not sure if that helps at all but that's my 2cents about XG 🙂

Help me build a better way of doing politics in Aotearoa New Zealand

political.nz

kiwibum

114 posts

Master Geek

ID Verified

#2975620 30-Sep-2022 17:31

Thanks "mcraenz", yes that is useful to know. At the moment I think I'll try OpenWRT, partly because I'm tired of commercial products dropping their updates or creating upgrades that won't work on last years model etc. Looks like there is good support for the Sophos XG105W appliance I have.

Thanks again and have a wonderful weekend.