03 - Routers & Firewalls - Home Networking 101

Welcome back to Home Networking 101, the ultimate guide for beginners who are looking to unlock the full potential of their home networks. In this video, we're gonna discuss everything that you need to know about routers and firewalls. We'll cover where the router fits into your network, the different types of routers available, the essential hardware and software components of a router, and finally, I'm gonna walk you through the initial setup of two different routers and explain everything that I'm doing along the way. This foundational knowledge should empower you to successfully navigate any router's interface, as well

as have a solid understanding of what you're dealing with. So hang on to your ethernet cables as we dive into the third episode of Home Networking 101. Are you tired of struggling with routers and home networking? Well, don't worry, we've got you covered. In this video, we aim to make understanding routers as simple as possible, but if you ever find yourself stuck trying to figure out why your internet isn't working or why your guests aren't on your guest network, well, Rogue Support is here to help. Rogue Support offers expert independent computer networking assistance regardless of

your mix of equipment. Our team of experts is ready to assist you with your networking issues, from initial setup and configuration to optimizing your network performance. So say goodbye to the frustration of trying to navigate network issues alone. Visit us on the web at rogue.support or click the link in the description below to connect with one of our friendly Rogues. With Rogue Support, you're just a few clicks away from conquering your networking challenges and enjoying a secure and reliable home network. Let's start this video by discussing the role of a router in your home network.

In home networking, the router is typically positioned at the edge of the network, acting as the bridge between your local devices, such as your computers, your smartphones, your tablets, and the rest of the world, right, the internet. Your router connects to the internet through its WAN or Wide Area Network Port, filtering and securing that connection before distributing it to your home devices. You can think of the router as the network's traffic cop, right? When traffic from the internet is trying to get into your private network, the traffic cop, the router, examines that incoming data and

decides whether or not to let it through. For outgoing traffic, such as when you open up Netflix on your smart TV, the data first reaches the router, which recognize that this is a request that's attempting to access the internet or access external resources. The router then forwards that request to the modem, which then sends it out to your ISP, the internet service provider, and then out into the vast expanse of the internet. By acting as the gathering point for all traffic that needs to go out to the internet, this also allows you to share your

internet connection with every connected device in your home. The router also keeps traffic local. So for instance, when you need to print a document or when you want to stream a video from your phone to your smart TV, the router understands that your smart TV isn't on the internet, right? So it doesn't need to forward that traffic externally. Now let's talk about types of routers. Most commonly, routers are gonna fall into three categories. You've got standalone routers, combo devices, and managed equipment. Standalone routers represent the simplest form of routing equipment, such as this Edge Router

X here. The sole function of this device is to be a router, right? In this case, the Edge Router X has five ethernet ports for connectivity. In most home networks, one of these ports is gonna be dedicated to the WAN connection, your connection out to the internet. And the rest of the ports are gonna function as a network switch to provide LAN or local area network access for your wired devices. Although standalone routers are less commonly found in home networks compared to combo devices, they do offer greater flexibility in terms of your equipment choices. So

for instance, if you have a bunch of wireless access points, you can easily upgrade or replace those separately without needing to change out the router itself. The most common type of home router is something like this Netgear AX1800. These all-in-one devices are widely available at your local electronic stores and offer a simple solution for setting up your home network. This AX1800 functions as a router, a firewall, it's got a four-port switch, and it has a wireless access point all in one package. The main advantage of these devices is their ease of setup for beginners, as

they come pre-configured with default settings that should work well in most home environments. The downside of these combo devices is the lack of flexibility and upgradeability. Essentially, all of your eggs are in one basket, which means it's difficult to expand or improve the device's functionality. So for example, if you find that the wireless signal doesn't provide sufficient coverage for your whole home, there aren't really a lot of options for improvement, but if you separate out all of your network components, you have the freedom to add wireless access points in various locations throughout your home, allowing

for better coverage and customization. Now let's talk about managed routers, which are centrally controlled and managed by a cloud-based or local network controller. The network controller can be a free software installation or a cloud service, or it may require separate hardware or subscription fees. Ubiquiti's Unifi and TP-Link's Omada are examples of managed network ecosystems. The key advantage of using a managed router within a larger infrastructure of managed devices is the convenience of a single interface for managing, monitoring, and configuring all of your equipment. So consider a scenario where you have multiple standalone devices, such as

a router, a switch, you've got several wireless access points, and they're all from different vendors. Well, each device is gonna have its own interface for configuration and management, which makes the process more complicated, because you now need to remember logins for every device, you need to ensure that they're set up correctly to work together with the other devices. A centralized network controller simplifies this process by unifying the management of all of your network equipment under a single graphical user interface. However, this also means that you need to now standardize your equipment with that one single

vendor, which may limit your equipment options. Next, let's talk about the features that you should consider when you're purchasing a router for your home network. The first major consideration is the type and number of ports. So on the WAN side, where your internet connection is plugged in, you'll typically want at least one gigabit ethernet port. This is actually pretty standard these days, since most internet connections are between 100 to 300 megabits. Remember that one gigabit equals 1000 megabits. In some places, however, you might be lucky enough to have an internet connection such as fiber that's

one gigabit or higher. In this case, the one gigabit ethernet port on your router is not gonna be sufficient to make full use of your internet connection. So in that case, you're gonna wanna look for a router that has at least a 2.5 gigabit WAN port. We're gonna be talking about ethernet more in a future video but for now, just know that the most common ethernet port speeds are one gigabit per second, 2.5 gigabits per second and 10 gigabits per second. Another thing to consider for your WAN ports is how many WAN ports does the

router have. The vast majority of routers for home use are gonna have one WAN port for your internet connection but other routers might have dual WAN ports which allow you to connect up to two internet connections that can be used together or as a failover. This is a great idea if, for example, you have a normal connection from your internet service provider and then you choose to add on a 5G cellular internet connection like this T-Mobile home internet as a backup. Now, if you're a T-Mobile customer, you can usually add on the home internet package

for as little as $25 per month which isn't a huge price to pay for backup internet service especially if you work from home like me and have to be online all of the time. Now, on the LAN side of your router, the local area network side of your router, most devices are gonna have four to five different ports that you can plug your wired devices into. These onboard ethernet ports can also be used to connect up a network switch for even more ports in your network. The LAN ports are typically gonna be one gigabit ports

but if you have any higher speed internal devices such as a really powerful access point, a network attached storage device or a larger, more enterprise network switch, you may want to consider a router that has at least one or two 2.5 or 10 gigabit ethernet ports for connecting up those faster devices but by and large, one gigabit ethernet is fine for most of your wired devices. Another important consideration when purchasing a router is security and unfortunately, this is something that's gonna be difficult to evaluate just from looking at the box, right? Most home routers are

gonna have some level of security and most often, any of the devices that are geared towards home users are gonna have sufficient security for general internet surfing or for protecting your internal devices. Other devices may specifically have easy to use and implement firewall rules or perhaps parental controls on top of the standard security settings. It's also important to understand that routing between the internet and your internal devices is different from firewall rules that scrutinize that same traffic. So let's take a moment to understand that difference. Within your router, we have already established that there is

a WAN side that faces the internet and a LAN side for your internal devices and private networks. When a device makes a request out to the internet, your router uses what's called NAT or network address translation to keep track of which devices made the request out to the internet. So let's imagine two different devices on your network. You've got a smart TV and you've got your laptop, right? You're sitting on your couch and you're watching Netflix on your smart TV while at the same time, you're surfing the internet from your laptop. Your router is managing

both of these connections out to the internet. But when it receives a request back from the internet, how does it know which of those devices made that request? If your TV requests the next episode of your favorite show from Netflix and at the same time your laptop surfs out to amazon.com, both of these requests are made out to the internet and they're gonna receive some sort of data back. NAT is what manages those connections. Imagine NAT as the receptionist at a large apartment building. When you send mail out from one of the apartments, the apartments

representing your devices, to the outside world, which is the internet, the receptionist, right, network address translation, replaces the apartment number that that mail was sent from, which in this case is gonna be that device's private IP address. It replaces it with the building's address, right? The public IP address or WAN IP address. This way, the outside world only sees the building's address and not the individual internal apartment numbers. So when that mail returns, the receptionist remembers which apartment it belongs to and then delivers it accordingly, right? NAT allows multiple devices to share a single public

WAN IP address while keeping their individual private IP address hidden. Firewall rules, on the other hand, are like the building's security guard, right? Their job is to ensure that only authorized mail enters or leaves the building. The security guard, right, the firewall, checks every piece of mail, every piece of data, based on a set of rules, such as the sender, the recipient, the content, to determine whether it's safe or not. If the mail doesn't meet the established rules, it's blocked from entering or leaving the building, providing a layer of security for your residents, or in

this case, your devices that are on the inside. So to summarize, NAT is responsible for translating and managing IP addresses between your private network and the internet, while firewall rules are responsible for controlling and securing the flow of data to protect your network. Now, these two concepts often work hand in hand, and they're set to do this automatically by default in most off-the-shelf routers. Another feature that you may wanna consider is VPN capability. So VPN, which stands for virtual private network, can be used in a lot of different ways, but in the context of home

routers, it typically refers to secure private connections bridging the outside world to your internal network. For instance, imagine you're on vacation in Hawaii, and you need to access some files on your home computer. By setting up a VPN connection, you can securely connect from that remote location into your home network. And once you're connected, it's as if you're directly accessing the network at home. You'll usually see VPN capabilities listed right on the box, such as this Netgear AX1800 that says it has VPN support. Finally, let's discuss the ease of setup and use for routers. When

you go down to your local big box electronics store, most routers on display are designed to be user-friendly, because they're marketed to users who may not be networking experts. The default settings and setup process are intentionally straightforward to facilitate quick and secure online access for your devices, right? These off-the-shelf devices are ideal for beginners that are just learning about networking concepts. However, as you gain a deeper understanding of networking through tutorials just like this one, you might find that these easy-to-use routers have limited functionality, right? The default settings that work for most users might not

be optimized for power users with more advanced networking knowledge. So in that case, you may prefer a router that, while not as beginner-friendly, offers greater customization options for intermediate users to tailor their settings according to their needs. I'm gonna walk you through the configuration of both an off-the-shelf router, as well as a more intermediate-style router later in the video. But keep in mind that most routers are gonna have some sort of quick start guide that gives you everything that you need to know to start the configuration process. All right, so now you've bought your first

router. Congratulations, and in this section, let's review some of the terminology and concepts that you're gonna need to understand to get started. Okay, so we've already talked about WAN and LAN ports, WAN ports being where you plug in the internet connection, and LAN ports are where you plug in your internal private wired devices. Now, on some routers, such as this Netgear AX1800, these ports are clearly labeled to make everything easy. And here we can see a yellow port labeled Internet, and then four black LAN ports, right? On this Edge Router X, however, it isn't as

clear which ports are LAN ports and which are WAN ports, because that's something that you configure yourself during the setup of the device. You're also gonna need to know a bit about subnetting and IP addresses, and we're gonna be digging deeper into subnetting and IP addressing in a later video, but we'll cover the basics here, all right? So I've already mentioned a few times in this tutorial that there are WAN or external IP addresses on the internet, and LAN or internal IP addresses on your private network. The WAN IP can be found by going to

a website such as whatismyip.com, and it's not usually something that you have any control over. On the LAN side, however, you can not only determine what your internal IP addresses are, to an extent, but you can also determine how many possible IP addresses you can have on your network. This is called a network mask or a subnet, and you can think of a subnet as a bucket of all of the available IP addresses on your internal private network. It doesn't mean that all of these IP addresses are in use. It just means that in this

bucket are all of the IP addresses that can be used on your internal network. These IP addresses can be handed out to wireless devices such as your tablet or smartphone, or they can be handed out to wired devices like your computer or a network switch. The subnet is essentially the size of the bucket or the quantity of available IP addresses that you can use in your network, and this is usually denoted in one of two ways. The first way is what we call a subnet mask, and it usually looks something like 255.255.255.0, and it may

be confusing what that means exactly, and without digging too deep into it, just know that the subnet mask defines the size of your bucket, or rather, it determines how many IP addresses can fit into that bucket. You can take that subnet mask and convert it into binary and actually figure out how many IP addresses are usable within the network. Most commonly though, you're gonna see a subnet mask of 255.255.255.0, which means that 254 possible IP addresses can fit in your bucket. Another way that you may see a network subnet defined is with CIDR, which stands

for Classless Inner Domain Routing, now you don't have to remember that, there's gonna be no test, right? But CIDR is basically another way of telling you, as the network administrator, how many IP addresses are in that network bucket. CIDR is in the format of the IP address numbering scheme, followed by a forward slash and then a number. So for example, if you see an IP address that says 192.168.1.1 slash 24, in CIDR format, this means that that particular IP address, 192.168.1.1, is a member of a slash 24 subnet, which denotes 254 available IP addresses, just

like the 255.255.255.0 that we saw earlier. So now you know that a network is divided into many different IP addresses that fit into buckets of different sizes, you know, subnets. But what about the IP addresses themselves? Is that a number that you can just kinda like make up? The answer there is yes and no. While you can make up some parts of an IP address yourself, there are still some more rules that have to be followed. There are specific IP address ranges that are designated as private ranges for internal use, rather than the public ranges

that are used out on the internet. For example, you will never see an IP address that starts with 192.168.something.something out on the internet, because 192.168 is a private IP address range. It's also the most common range. Nine times out of 10, when you get a new router, the default IP address subnet is gonna be 192.168.0.something or 192.168.1.something. We'll dig more into IP addresses in a later video, but you should learn to recognize 192.168.x.x as the most common private addresses in use. When it comes to your WAN IP address, I already mentioned that you rarely have

any control over what your WAN IP address is, but there are still some settings to be aware of. For example, if your ISP has given you a dynamic IP address, you can set up your router and just take whatever the ISP decides to give you for the WAN IP, and life is all good. But you may also have a static WAN IP address, which means that it never changes, and in that case, the ISP is gonna give you some static WAN IP address information, such as the IP address itself, the subnet mask, or CIDR, so

that you know how big that bucket is for the WAN network, and also a default gateway address. You're gonna have to configure these items manually on the WAN interface of your router for them to work. And since we just mentioned the default gateway, let's talk about that for just a moment. In IP addressing, every network has a default gateway. It's basically one of the IP addresses in the network. Most commonly, it's gonna be the .1 address, or the first IP address in your network subnet range. For example, if your bucket of IP addresses is 192.168.1.1

through 192.168.1.254, or 254 total IP addresses, then the first IP address, .1, is most often what is configured as the default gateway for that network subnet. It's where all of your devices are told to go when they're requesting some data that doesn't live on that same network. If your smart TV is looking for Netflix, it's gonna make a request for Netflix, and it's gonna know that Netflix doesn't live on your internal private network. So then it's gonna send that request by default to your gateway address so that your router can handle that request and then

forward it on to its final destination. Another thing that you're gonna see when you're setting up your new router is DNS server settings. DNS stands for Domain Name System, and we've talked about it briefly in a previous video. This is the service that acts like a phone book on the internet. It translates human-friendly names like google.com or amazon.com or rogue.support into computer-friendly IP addresses. When you open up a browser and you surf the web to rogue.support, DNS takes that request, it looks up rogue.support, and then it tells you, oh, the IP address for rogue.support is

76.76.21.21. You can actually see this in action yourself by opening up a command prompt in Windows and then typing ping space rogue.support. When you sign up for service with an ISP, they're gonna give you some DNS servers that you can use to do these types of lookups. Now, the ones that the ISP give you are fine to use, but some people don't like to use the DNS servers that the ISP hands you because your ISP now has a record of who you are and then what you're looking up on the internet, right? It's a privacy

issue. So because of that, many people opt to use public DNS servers that help to protect your privacy when surfing the web. Some of these public DNS servers will also filter out unwanted content such as known malware servers, known bad IP addresses, or stuff that you wouldn't want your kids to see. We're gonna be covering DNS in more detail in a future video. The final concept that you should be aware of when you're setting up your new router is DHCP, or Dynamic Host Control Protocol. So remember we just talked about the buckets of IP addresses

that are available to your network. This is also known as your network subnet. You've got all of these IP addresses in a bucket and your devices all need IP addresses so that they can talk to each other on the network as well as make requests out to the internet. It's possible for you to manually assign IP addresses to all of your devices, but this is not a reasonable thing to administer, right? It's gonna take a ton of time to keep track of which of your devices have which IP addresses. So instead, we use DHCP. With

DHCP, your devices know to just take whatever IP address the DHCP server gives it. And then you configure your DHCP server with a pool of available IP addresses that it now has the ability to hand out to all of your devices. Once this is set up, now let's say you plug a new device into your network or you connect it wirelessly like your smartphone, right? Once it's on the network, it announces itself. It says, hey, I'm here, I need an IP address. The DHCP server is gonna hear that request and then it looks into its

bucket and it finds an IP address that isn't already being used by some other device. And it hands that IP address to the device that requested it. Every IP address that the DHCP server hands out has an expiration date on it. And when that IP address expires, it goes back into the bucket of available IP. So for example, if you have a guest that comes over to your house and they connect up their smartphone to your wireless network, you're gonna give them the password to your Wi-Fi, they connect up their phone, DHCP says, hey, here's

an IP address that you can use to get on this network and then when your guest leaves and takes the phone with them, eventually that DHCP lease is going to expire and the IP address goes back in the bucket and it's ready to be used for a different device. Okay, so let's recap what we've talked about so far because it's been a lot in this video, right? We've discussed where a router fits into your network, the key components you should look for when purchasing a router and also some of the services and concepts that you're

gonna encounter when you're going through the configuration. Now, if you need to refresh yourself on any of these sections, you can use the time codes in the description below to hop around to different parts of the video. But next, we're gonna actually configure a couple of different routers and the first one is this Netgear AX1800 that I bought from my local Best Buy. It's usually about 139 bucks. I happen to get this one on sale for 99 bucks and this router is a pretty good solid choice for a sort of standard vanilla network. It's got

everything that you need. You do not need to spend three or four times as much on a router that promises better performance or is marketed as like a gaming router. I mean, unless you have a specific need for a feature or a type of port that a more expensive router offers, it's really rare that you're gonna notice any difference between this router and like a $350 router. All right, let's get started with the setup of this router. We'll pretend that I just bought this from my local big box electronics store. I have my laptop which

has an ethernet cable that I can plug into it. The router came with a power adapter and a network cable and it also has a quick start guide. Now, in this quick start guide for Netgear, it wants you to download an app and configure this device with the downloaded app. I'm not gonna be doing that because it's much easier to show you what I'm doing if I do it through a browser interface. So I'll be doing it on my laptop, but just keep in mind that when you go through the app, you're gonna see a

lot of the same exact things that we're going to be doing in the desktop interface. So either one should be perfectly fine. All right, so let's start off by getting this router plugged in to power and then I'm going to plug the internet connection into the internet port on the back. All right, so here's the back. You can see power is right here. Let's plug in the power and then I'm gonna take this ethernet cable here that it came with and I'm using this T-Mobile 5G home internet as the internet connection. So that is ready

to go. I'm gonna plug into the back of this device. This is functioning essentially as my ISP's modem and on the back of the ISP's modem, you're gonna have at least one ethernet port. You plug into that ethernet port and you plug the other side of the cable into the internet port on the back of this router. Okay, so I have power, I have the WAN port, the internet port plugged in. I'm now also going to plug in my computer into any one of the four switch ports. And we should be good to go to

start the configuration. Okay, so looking at my computer, I can see that I am connected to the network already and we can see some blinky lights happening on the router. That is all good news. In fact, I probably already have internet access. That's how easy these things are to configure. In order to check, I'm going to run a command prompt in Windows by hitting the Windows button and then just typing CMD or command. You should see it pop up. And I'm gonna say ping 1.1.1.1 and there we go. I'm already on the internet. But we

haven't actually configured this thing. We're just using the default settings. So let's configure it. According to the quick start guide, for manual configuration, you wanna visit www.routerlogin.net. And that is a domain name that this device is broadcasting out to my local network by default. So let's try to open that now. And I am just putting that into a browser. In this case, it is Google Chrome. We're gonna say continue because it's HTTP. So Google Chrome flags it as not secure. We're gonna say continue. And of course, again, now it's pushing us to download the app

again. For fastest setup, download the Nighthawk app. I don't wanna do that. I'm gonna say if you don't have a compatible smartphone, click here down at the bottom. And that should redirect me to the local setup or the browser-based setup. So agree to the terms of service. And here we go, welcome, let's set up your router. So we're gonna say next. Checking for internet connection, it should find one because we already verified that we're already on the internet. Internet detected, you're just a few steps away from completing the installation. We're gonna say next. And now

it wants us to put in admin credentials, right? This is actually very important. You never wanna put a factory default router on the internet with default credentials. Like sometimes it'll be like username admin, password admin. We don't wanna use that, right? Because that can be compromised. Everyone knows that default password for these devices. So always change to a strong secure password that you're going to remember, or better yet, put it in a password manager. So username is admin, let's give it a strong password. And in this case, it also wants us to do a couple

of security questions. So let's just fill those out real quick. What was the name of the first Netgear product you purchased? No one's gonna actually remember that. But I'll say AX 1800. What is your best friend's first name? We're just gonna say Rogue Support. Because why not keep plugging that, right? All right, so next. Set up your wifi. Now this is, of course, a combo device, right? It has a switch, a router, firewall, and wifi all in one. I'm gonna set up the wifi through the wizard, but we're gonna dig much deeper into wifi setup

and settings in a future video. So for now, I'm pretty much just gonna take the defaults, which says Netgear 71 and Tinyfire 931. That's the 2.4 gigahertz wireless spectrum. Again, don't worry too much about that right now. We also have a five gigahertz wireless spectrum, and that has the same password. Okay, so. Oh, look down here. Enable Smart Connect. So this is pretty interesting. Again, we're not gonna dig too deep into the wireless, but as you can see, by default, this is trying to separate out two different networks, one for 2.4 gigahertz devices and one

for five gigahertz devices. If you check that box, though, it's gonna combine those into one network, and then your devices pick based on their own capabilities if they wanna be 2.4 or five gigahertz. So let's go ahead and do that, and we'll say Next. Okay, configuration complete. We're gonna say Next, and this should now bring us into the admin interface, or actually, it looks like it's checking for updates, and that's always good. So another important thing with any device that is connected to the internet is always make sure you are on the latest software or

firmware. So in this case, we can see we are on 1.0.10.110, and the new version is 1.0.14.134. So we're gonna say Update, and the reason that this is important is because in a version of firmware, in older versions of firmware, it's possible that something was exploitable, right? That hackers on the internet might have a way to compromise this router on an older version that has been fixed in a subsequent version, right? So you always wanna make sure that you are on the latest and greatest firmware available. So this is updating. We're gonna let it do

its thing, and we will come back once it's done. Okay, that took about two minutes, and the firmware update is now complete, so we're gonna say Next, and now it wants us to register the device. This is how you activate the warranty and get support, et cetera, et cetera. Okay, the product is registered. We're gonna say Continue, and I'm not gonna pay for extra warranty, so we are going to close this out. You have successfully completed installation, and now, of course, it wants us to get the Netgear app again, but instead, let's just click down

here on Log In. Now, notice that this is going to accounts.netgear.com. I'm not sure if this is gonna log me directly into the router interface, or it might log me into some sort of central Netgear thing that then allows me to log into the router interface, so let's log in and find out. And yeah, this doesn't really seem like it's getting me into the device itself. There might be a way to do that, but let's go ahead and log into the device directly, and most often, we're gonna find the interface to the device on the

default gateway IP address, and if you remember from earlier in this video, I said that like 90 plus percent of devices are gonna have 192.168.1.1 as the default gateway, so let's put that into the browser bar here. 192.168.1.1, and here we go. We can now log into the router. Boy, Netgear really wants you to sign up for all kinds of different stuff. All right, so Netgear Armor, we don't need to do any of this extra stuff, and here we finally are at the dashboard of our Netgear router. We can see internet says it's good. Here's

our wireless SSID and password that is now broadcasting throughout my home. We can see the number of devices. We don't have a guest network enabled, and security is not activated, whatever that means. We can check that out. Okay, so what were the main things that we talked about? Right, you've got your WAN settings, you've got your LAN settings, your local IP address settings. We've got DNS and DHCP, so let's try to find all of those things in this interface and make sure that they're set properly. So right here, we're at home. I'm gonna click on

internet. This should be our WAN settings, and here it says, does your internet connection require a login? No, it doesn't. Internet connections that require a login are typically what's known as a PPPoE connection. This is not that type of connection, so we should be good to go. And then down here, remember I said that there are dynamic WAN IP addresses where you just take whatever the ISP gives you, or there are static IP addresses where the ISP says, here is your IP address, your subnet, and your default gateway. Well, we are set to get dynamically.

If you did have a static IP address, you would set this to static, and then you would enter that information that was given to you by the ISP. IP address, subnet mask, gateway. You can also enter in DNS server IP addresses. So here we say, get automatically from the ISP, in which case it pulled one called 192.168.12.1. That is the default DNS server from my T-Mobile internet gateway. I don't wanna use that one. I wanna use my own DNS servers, or I wanna use a public DNS server that is gonna protect my privacy a little

bit better. So we're gonna say, use these DNS servers. For primary, we're just gonna say, 1.1.1.1. That is Cloudflare's DNS service. And then for secondary, we're gonna say 9.9.9.9. That is another DNS provider called Quad9, 9999. Okay, so we don't need a third. We don't need to worry about this MAC address, et cetera, et cetera, et cetera. This is good enough. For now, we're gonna say, apply. Okay, so now we're gonna skip over wireless because we kind of set up our wireless settings and we're gonna cover wireless in more detail later. Now here we have

attached devices. This is just showing me that I've got one laptop connected. No VPN clients. Remember we talked about VPN as an option on a lot of these routers. Quality of service, we don't need to worry about. Guest network, we're not gonna worry about. We do need to figure out though, what is our LAN subnet settings and our LAN DNS servers as well as our LAN DHCP server. So that's probably gonna be under advanced over here. So let's click advanced and see what we can find. So under setup, here we go, it's right here. So

advanced setup, LAN setup. Let's click on that and let's see what we've got. So there's a device name. I'm gonna leave that default. Here we have the IP address of this device and it's covered up a little bit, but it's 192.168.1.1 with a subnet mask of 255.255.255.0. That means that my network has 254 available IP addresses. Now scrolling down here, we can see use router as DHCP server. This means that this router, when a new device connects to the network, either by plugging it in with a wire or by connecting it to the wireless network,

that device is gonna say, hey, I'm here, I need an IP address. And then the DHCP server is going to hand that device the IP addressing information and this is where we set up those settings. So by default here, we can see that the pool of available IP addresses to hand out to devices is 192.168.1.2 through 254. Okay, so that's 253 total IPs. Well, what about 1.1? Well, that's the IP address of the router itself, right? You can't hand that IP address out to one of your devices or you're gonna cause a lot of trouble

on the network. Then we have the lease time or how long, when I hand you an IP address, how long before that lease expires? 24 hours is usually pretty default. In some larger, more enterprise networks or maybe like on a guest network, I would cut that down to probably four hours. And those are really all of the settings that it has. The other setting that I would typically look for is what DNS servers are being handed out to my client devices. In this case, it's most likely just using the DNS servers that I set up

for the router itself, that 1.1.1.1 and 9.9.9.9. And we can verify that by connecting to the router with some other device. So let's connect wirelessly with my phone here. So using a network tool, I can see that the phone received an IP address from the DHCP server of 192.168.1.3. And if you look at the very top here, we can see the DNS server IP is 192.168.1.1. Okay, so it's not the ones that I gave to the router itself. It's using itself as the DNS server. So I'm sure that can probably be changed in here somewhere.

Let's see if I can find that. And it looks like, no, I actually don't see an easy way to change that setting. So this is a prime example of this device being so super easy to set up and use. As you saw, I plugged it in, I plugged in the internet, I plugged in my computer, and all of a sudden I was already on the internet, even without going through the setup wizard, right? So they are designed to be super, super easy to use. But since it's so easy to use, it assumes some default settings

that if we are more advanced in networking, we may not want. So for instance, I might want my phone and my laptop to not use the IP address of this Netgear device. I might want it to use the IP address of some other DNS server, like the public ones that can filter out malware or filter out non-child-friendly content or something like that. So there's an example of where we might run into some limitations with these off-the-shelf devices. So next, we're gonna set up this Edge Router X, which is a little bit more complicated to set

up, but it gives you a lot more flexibility in terms of control over the services and features of the device. The Ubiquiti Edge Router X is a standalone router firewall. This device costs about 59 bucks. Sometimes you can actually find it on sale for even less than that. And this is what I would consider to be an intermediate-level firewall, meaning that they don't sort of spoon-feed you through the installation. You do have to know a little bit about what you're doing. And we're gonna set this up from start to finish. So this is a router

firewall. It has five ports across the front. There isn't specifically a WAN port versus a LAN port. And we'll see that when we go into the configuration, it's actually configurable. You could have it as either the fifth port over here or the first port over here. So this device, very simply, just comes with a quick start guide and a power plug. We can plug it in right there and get it going. And in order to go through the initial configuration of this device, we first need to take our ethernet cable from my laptop, and we're

going to plug it into the first port on the Edge Router X, the one that is labeled ETH0 or Ethernet0. They are ETH0, one, two, three, four. Now, from the quick start guide, I know that in order to connect my laptop over to this device, we have to set up my laptop first so that it exists in this device's network. And by default, the Edge Router X gets the IP address 192.168.1.1. Remember, I told you that like 90 plus percent of routers start with that IP address. This is no exception. So we need to configure

my laptop in that same network manually, and I'm just gonna set it to 192.168.1.2. Okay, so let's do that next. I'm going to open Network and Internet Settings. We're gonna click on Ethernet, and then right here, this is Windows 11, by the way. Windows 10 will have a very similar way of doing it. Macintosh also has a similar way of doing this. So we want to edit our IP assignment, which right now is set to automatic. It receives its information from DHCP, but we want to set it manually. So I'm gonna say manual. We're gonna

turn on IPv4, and then I'm gonna say 192.168.1.2, and the subnet mask is 255.255.255.0. Now, since I don't need to get out to the internet yet, and I haven't configured the Edge Router X for internet access yet, I actually don't need a default gateway here. So I can just hit Save, and then I should be able to open up the interface of the Edge Router X. So I open up 192.168.1.1 in a browser, and as you can see here, I am given a login prompt. The default login for this device is UBNT and UBNT for

the password. The first thing that it asks me is, this router is in its default config. Do you want to start the basic setup wizard? So I'm going to say yes, and now we can choose our WAN port options. So it says, what is your internet connection type? In our case, it's DHCP, because it is coming off of this T-Mobile home internet gateway, and the port can be either ETH0 or ETH4. We're gonna leave it as ETH0, but keep in mind that I'm plugged into ETH0 right now, so we're gonna have to change that after

we finish this setup. You can also set an IP address statically if the ISP has given you that information, or you can utilize PPPOE if your ISP gave you a username and password for getting onto their network. All of the rest of this, we're gonna leave default, and then for DNS name resolution, translating rogue.support into an IP address, we can choose how this router handles that. We can just pick whatever servers are handed to us by the T-Mobile internet gateway for DNS, we can configure our own DNS servers, or we have this option to quote,

use fast public DNS servers. And since I was gonna do 1.1.1.1 and 9.9.9.9 anyways, I'm just gonna go ahead and select that option. Then we have the use only one LAN option, which means that basically we're gonna have one WAN port, and the rest of these ports are going to be our LAN. Now this is a more intermediate device, so if I had multiple local area networks, I could configure each port independently as its own completely separate local area network. But we're keeping it simple here, so using all four of these ports as the same

local area network works just fine for us. It essentially makes these four ports a little switch, and that will work just fine. Now here we can see which ports are a member of the switch, so eth1, eth2, eth3, eth4, and we can give this device an IP address. I'm just gonna keep the default of 192.168.1.1, and then we're gonna enable a DHCP server, but we're gonna go check those settings in just a bit. Now also very important, we wanna change the default password, right? So the default username is fine, ubnt, that's okay, but we're gonna

change this to a stronger password so that we are putting ourselves at less of a security risk. And then we're gonna click apply, and apply, and reboot, and yes. Okay, so this Edgerouter X is now rebooting, but remember, I just set the internet to eth0, so I need to take my computer and put it into a different port, and then we're gonna take our internet connection, and we are going to plug it into eth0 so that when this thing reboots and comes back up, it'll be able to utilize that internet connection. The other thing that

I'm gonna do, if you recall, I manually set the ethernet adapter on my computer to 192.168.1.2. I'm going to set it back to automatic. Since we have now enabled the DHCP server on this device, my laptop will now have the ability to pull an IP address automatically from that big bucket of available IP addresses. So network and internet settings, click on ethernet, we're gonna edit, turn off IPv4, and turn on automatic DHCP, and save that setting. And there we now have a new IP address. So let's reload the page here. We're gonna log in with

our new password, and there we go. We are now connected, and we are on the internet. And I know that we're on the internet because I can do ping rogue.support, and it should return 76.76.21.21. All right, perfect. So we now have our WAN configured. We have our local area network configured. We turned on the DHCP server, but we have not yet set those DHCP server settings. So let's see how we do that in this router. It's under the services tabs. We're gonna say services, and then right here we can see the DHCP server that was

created. So let's go ahead and view the details of that server. And you remember how I told you that DHCP, with DHCP, you can create a range of available IP addresses that are allowed to be handed out to devices that connect to the network. Well, the range in this case is 1.38 to 1.243, which is kind of an odd range. So we're gonna change that. I just want every IP address that is not the gateway address of 1.1 to be available for devices. So I'm gonna put this to two, and then we're gonna stop the

range at 254. Router is your default gateway. That is the interface of this device. And then here are the DNS settings that we are handing out to clients that connect in. Now remember, we already set up the Edge Router X with its own DNS servers. We said use fast DNS servers, right? But these are the DNS servers that when my laptop or my smartphone connect to the network, these are the DNS servers that we're handing out to those devices. So by default, it's just handing out the IP address of the Edge Router X. But let's

go ahead and make this 1.1.1.1 and 9.9.9.9, and we're gonna hit save. And now our DHCP configuration is complete. The only thing that we would wanna check besides that is DNS, so if I click on DNS, we can see that DNS is listening on switch zero, which is the interface that combines these four ethernet ports into our LAN. So that's perfectly fine. I don't need to touch anything else as far as a basic setup of this device. If we click on the system tab at the very bottom, we can set a time zone. That's always

good to have a solid time zone for anything that you're configuring. So we're gonna say United States, and this is going to be Pacific time. And we're gonna save that setting. The final thing that I would want to do as part of this setup is to check for updates. We can see that I am on version 2.0.9 Hotfix 6. So if we click this button here, and then we search for edge router X, it's gonna find our edge router X, and we can download the latest version, which actually happens to be the same version that

it's on. And the reason that it's already updated is because I already recorded this entire segment, but I forgot to turn my camera on. So I'm doing this for a second time. But what you would wanna do here is download that configuration file or the firmware update file, and then you wanna upload it right here. Once it finishes uploading, it will prompt you to reboot the router, and then you are on the latest and greatest firmware. Highly, highly recommended for any router that you're configuring, put it on the latest firmware. All right, so with that

done, our edge router X is completely set up. So now you should have a much better understanding of routers, where they fit into your network, and the knowledge that you need to make an informed purchase, as well as do a basic setup of these devices. And remember that Rogue support is available for you if you get stuck on any home networking issues. Just visit rogue.support on the web for more info. And if you'd like to keep this party going, I have handpicked two videos on the right here for you to watch next. The top video

is the full playlist of this home networking 101 series. And the bottom video is my recent review of the Unified Dreamwall, a fully managed router firewall switch and wireless access point that hangs on your wall.