How To Create A Wifi Network At Home?

As a farmer, mechanic, and tech person with some programming experience I love your website! ALL your articles interest me from the lessons in computer history(got my first pc in ’93), programming, your garage, your truck and light mods, and showing us how your home network is setup. It’s only slightly out of reach for most but gives us a glimpse into what we may be using eventually or parts we may want to copy ourselves. Just keep showing us around and how you do things as it all contains very valuable lessons/information. Even though I fully grasp most everything you’ve discussed I still feel I’ve learned something by the end. As mentioned, you explain things along with all the hiccups you encountered doing it yourself. This is how I try to explain things to others but it is underappreciated in most cases and seems like a waste of my breathe at times. I appreciate the way you do it. It feels like accelerated learning. Have a good one!

Fantastic article Dave! After about a year of debating on which solution to go with, I finally bit the bullet and ordered the Dream machine SE, a switch, and two of Unifi access points. It all arrives tomorrow, so glad to see you post this. As always, your content is both informative and entertaining.. Thank you!

OMG that house! Very nice, Dave. I use UniFi as well. I had to run cat6 in my house, man that was a job. I also used the Ubiquiti in wall access points too. So every room in the house has it’s own hard-wired ethernet and WiFI access points. Next up is setting up a media server so I can stop consuming so much data from the outside world.

A few years ago, my son talked me into buying a brand of router I’d never heard of. Ubiquity makes a brand called Amplifi. I bought the Amplifi router and it’s been bullet proof since. Even automatically downloads firmware updates, slick mesh points and it just works. Hat’s off to Ubiquiti for solid hardware

Dave, great minds think alike. I’m a fan of the Ubiquiti solution as well. I’m just starting the process of setting up an IOT network and would love to hear what you have had luck doing. I think the specific trickier points to set up are going to be items like… how to Cast from a phone on main network to Roku on IOT network. I’m sure the firewall rules and which rules for typical items are going to be the trickiest part of this!

VLAN sounds like a great article idea! I’d love to be able to strategically expose some internal devices on the net to more than one VLAN, so I can keep a super secure on for just my stuff and stick anyone else on a passworded, but still sandboxed one, while they could still access some internal servers or other stuff.

Man you hit a nerve on this one! we had the same issues only we went TP Link and omada controller due to cost but works like a charm! also we used Ubiquity Light Beams to make a connection between our PFSense router and another property 1000ft away. on the other property I built a solar powered job box and attached a pole with an outdoor wifi and the light beam on the property and used golf cart batteries to power it all. No power on my other property… anyway it all worked out and now we have wifi all over our mountain.

Nice tips given here, Dave. For optimal performance, signal level should be kept above -67dBm. WiFiman is a good app to track wifi signal for iPhone+Android. In high density scenarios, where your APs coverage significantly overlap, try to reduce the transmit power to a point where you’re keeping good signal and performance. For the record, some Wi-Fi devices have either poor antenna design, or limited transmit power. Reducing transmit power will reduce the cases where your devices still indicate 3 bars of signal and yet gets poor performance. Remember the rule: “WiFi works best when APs whisper and stations shout.” Last thing: making your AP transmitting above 100mW / 20dBm is futile, as a wide range of devices won’t be able to send data beyond that power level. Hardcore advices (don’t bother if this doesn’t mean anything to you): – Set DTIM to 3 to optimize power consumption on mobile devices. – Turn on Multicast optimization, especially if you’re using your carrier’s IPTV service (country/service specific). – For 2.4GHz, disable 802.11b rates if all your devices support at least 802.11g. – Enable 802.11d (world mode) and set your country code (especially if you welcome people from foreign places, or if you live in Europe, this will make the device adjust to your local regulations). – Set your APs to ignore any signal below -83dBm on 2.4GHz. – Enable UNII-II websites and DFS if you don’t live near an airport or a weather radar (country specific, check local regulations). There’s a lot more to say, but this comment is already getting too long.

Dave, my setup almost mirrors what you explained. I started with the Linksys 54wrt and switched to unifi about 10 years ago. We use the Cisco wireless controller (WLC) at work and was pleasantly surprised at how the unifi controller seamlessly managed the network without much fuss. No dedicated H/W and most settings out of the box just work. I have since recommended/setup the unifi solution for friends and family and almost never receive the “support calls” usually disguised dinner invitation to fix stuff. The VLAN setup is pretty straightforward no CLI or in depth knowledge required – you might want to explain that in a future article.

I would like to hear more about your Unifi VLAN configuration. In my experience so far, it’s easy to partition the network into VLANs, but unifi doesn’t want to step on toes and lets traffic flow between them freely. I’m curious what changes you made in order to lock these down, ESPECIALLY for an IoT VLAN, which never seems to stop growing (at least in my experience!)

I have a UDM Pro and even installed one with 3 AP’s at my parents in laws house. I can 100% recommend the Unifi system. Its not ” Enterprise ” or crazy settings. its more like a very good router with extended options compared to normal routers but the UI is almost as easy as a normal home router .. It has extra features like Vlans etc that require a bit more learning then a standard router and is not as powerful as PF sense in capability that is more extreme solution ( and to advanced for my ISP even when i gave them logs over their fault LOL ) The best strength is secure remote management, Solid Wifi options that make it modular and can always adjust to your needs and you dont have to adjust to your routers Wifi needs. Seamless handoff is really Seamless ! and honestly .. Unifi prices are not to bad. The only issue i have with Unifi is that its at times hard to impossible to get hardware like new AP’s, switches or cameras. But for home users i can recommend this 100% and the UDM pro even has a simple Intrusion detection and prevention system that you crank up to max and get some extra protection compared to normal firewall. oh and the second negative with Unifi is that the AP’s LED light get very dim already after a year … for some strange reason Unifi scims a bit on LED quality .. its just visual in the end and does not really mean anything

@Dave’s Garage Great article Dave! Where did you get the translucent Cat terminator patch cables from? I did the same thing and wanted the switch lights to pass through the connector for ‘an effect’. I found mine at Infinite Cables, but didn’t see any others available online. Your patch cables look way different (boxier, different translucence, and different clips). Do you mind sharing where you got them?

Great article, but I was hoping for a way to improve my setup without shelling out a boatload of money. I currently have 3 hard-wired TP-Link access points in our over-sized L-shaped 2-story house in Texas. The TP-Link AP’s cost a total of $120 and have been going strong for a few years. I’ll just never be able to afford Ubiquity gear 😭I should move to a smaller house 🤪

My house is a bit smaller but I am using five Unifi access points. I’m using slightly older UAP-AC-Pro and UAP-nanoHD access points. All of my APs have a 1Gbps PoE network connection. I could easily get away with less but bandwidth and reliability may be hampered. My APs can see nearly 500 other SSIDs in the neighborhood. My APs monitor websites and can de-power the transmission power to limit their range automatically. I have some variability throughout my property but in doing speed tests, the weakest area of my property provides at least 200 Mbps up and down, where most is around 400 Mbps up and down. I do my speed tests using both publicly available speed tests as well as my own speed test server running LibreSpeed. For devices that use WiFi, that should be plenty of bandwidth. If you need better bandwidth, I have plenty of network jacks throughout the house. I run my Unifi controller (UniFi Network Application) on a Ubuntu 22.04.2 VM. Like Dave, I have separate VLANs for my personal devices, IoT devices, and guests. I also include a VLAN for WiFi purposes for cameras. My camera network though has no direct access to the Internet, as I don’t want them to report home to their manufacturer. The network article recorder has access to the camera network as well as another network. I have other wired VLANs for different web services operating on VMs. I don’t use Ubiquiti’s router though, I instead use pfSense Plus. Just after you enter my house, I have a picture frame that contains two custom-stylized QR codes.

Dave, love your website. We just installed a Dream Machine SE at our church along with 3 AP, 2 Lite’s and one Long Range unit, we’re still waiting for the 2 wall units.. There is also a 24 port Pro POE in the mix. Setup was very straight forward. We have 3 VLAN’s (admin, public and A/V). Ran into what appears to be a known issue with the Dream Machine and our BlackMagic streamer. article performance suffers when running through the DM. If you bypass it using the good old Lynksys WRT54G (old but solid is super easy to set up) the problem goes away. So far no response from Ubiquity after opening a ticket. The install is about as straight forward as it gets, no routing rules, IDS or such.. That said, I’m still going to upgrade my home system to Ubiquiti. A few U6 Lite’s and I’m good to go.

I’m already “sub’bed”, so I can’t do that again, and I can only give this article ONE “like”, so a message that this was awesome will have to suffice. I.e., I’d like to see the upcoming VLAN article too. At 2:05, you talk about “everybody in the house is a wireless connoisseur”. Then “no matter what the actual problem is any failed or slow connection to any site …”, I thought they were going to say, “Dad, it’s YOUR fault!” Throughout the rest of the article, it reinforced the thought that if anything does go wrong, it absolutely IS your fault 🤣 (job security)! Thanks for the fun and informative article.

I “solved” it by having Ethernet in nearly every room of the house when it was built… And 3 Ubiquiti APs… The third was required because I found out the hard way that while they say they are omnidirectional, Ubiquiti APs aren’t great at sending a signal through the bottom of the unit. That said, looking forward to trying out a few of these tips. The complaints I get from the kids tends to be more about their hardwired game PCs…

I’d like to hear more about your Crestron home automation. My experience with Crestron (and AMX) is that only technicians who would for a certified Crestron installers have the tools to configure and maintain the systems. That’s definitely a no-go for someone like me who wants to be able to configure a home automation system myself.

One trick when you deploy wifi is turn the RF power down to as low as you can when running multiple APs. Then you get less chance of APs impacting others and you can greater reuse of websites. With everything shouting at full power you can lose bandwidth. Also take care to select non overlapping websites.

Thank you for doing this! I had been looking at Ubiquti for a little while, and considering an alternative to my Netgear Nighthawk for a few months. The 5Ghz band continuously fails out, and causes me more havoc than I want. But this was a good look into what I am going to need to get started. And please please PLEASE do a VLAN article. I don’t think people understand the power of VLANs and need to know, especially after some of the stuff Linus reported on regarding a third party cheap android TV box.

By looking at your house I suspect you don’t run into the problems most people run into, in many neighborhoods there are 20 other families with WIFI and the spectrum is full. Many of these other WIFI devices are cheap and dirty broadcasters. In these neighborhoods people add more WIFI’s to there own networks trying to cover weak spots, but the next door neighbor now gets blasted with signal from the newly added WIFI, so they add another WIFI Ad infinitum. Now we have WIFI’s screaming trying to be heard. I.E. Everyone in a room screaming at each other and no one can understand what anybody is saying. In these complex environments the key is to hardwire everything possible. Reduce the number of WIFI’s and properly manage the spectrum. As we can expect that last part will never happen without some universal management system like the CBRS system currently being used for fixed wireless systems in the 3.6Ghz band. Love your website and the incites into the Microsoft inner workings. I have been in the computer biz since the original Commadore Vic 20. 20 mot the newer 64 LOL

Sorry Dave we cant do that You did nice vid but the majority of ppl wont even know the brand name ubiquity nvm afford anything they make Try again with say a tplink unit and custom pfsense router along eith say a 12 port 2.5gb switch and you may hit more typical power users And the majority wont have anything beyond the pos router modem combo supplied by their isp And then there are those that know better but are still stuck with aformentioned isp crap just because esp here in canuckistan Esp while the monopoly the crtc continue to allow their buddies at hell / robbers / slogeco etc shaft canucks worse than any other G country on the planet! Ffs a friend in the Netherlands has had direct fiber to his home for 20N YEARS!!! And he pays less a every 6 months for such than I (I managed to get as a very sweet nonpublic deal) here for a fraction of his speed.. inget a theoretical max 1.5gb.. per month!!!

It seems to me that the hardest thing to get through to people is that if you have a sprawling property with multiple outbuildings and you want great WiFi coverage, it’s not going to be cheap. Even so, the placement of access points needs to be done intelligently. A while back I removed three out of four access points from a customer’s site (and removed 4 SSIDs), fine-tuned the configuration, and in the process increased their network speeds by 5x. With WiFi, more isn’t necessarily better.

I love SonicWALL it has the same (or most) features you’ve showed. It also has the wifi controller built in. Unfortunately, some functions are behind a yearly subscription to be unlocked. I use a second hand NSA 4600 and a 24-port HP Procurve 2610-24-PWR PoE switch for my core. I further have a HP Procurve Switch 1800-8G, HP Procurve V1810-8G two SonicPoint ACe’s. Backup is done by my Synology RackStation RS214. Still fiddeling to get my Bosch FLEXIDOME IP indoor 4000 HD to work permanently.

In any case… Dave, you have FANTASTIC HARDWARE AT HOME… 100% 👍A matter of personal choice I think … but as far as I’m concerned from router, to access point to everything else I’ve always chosen TP-LINK and I’m not writing it because I earn something but because it’s the truth. Having everything TP-LINK I noticed that I was able to configure and maximize all connections.

im using ONE UDR and ONE Unifi AC lite in the back yard (not in the winter) My house: 1902, 3 stories, plaster walls. about 1800 sq ft i have 300/300 Fios fiber i can achieve almost 300 down, 100 up, on third floor (Atic room. i also have a G3 instant camera and 500 GB micro sd card total cost. around $360

I bought into the unifi network and immediately asked myself what the heck I was doing for the 10 years. I did purchase a UDM pro, however, my rural Canadian ISP needs my equipment to run an MTU of 1400. Since there’s no MTU config, I tried setting the clamping size reducing headers from the 1400 available. Wireshark still shows packets 1500+ in size heading towards my ISP. I installed a 3rd party router that lets me configure my MTU, however that switch annoys me, double NATs my network, and sometime keeps me from sleeping at night knowing it’s there doing the UDMs job for only 50 bucks compared to unifi amounts of cash the UDM was. Frustrating.

I wish my house was “already set up with cat 6 runs back to a server room.” My house was, unfortunately, built before cat6 was invented. Or, before (electronic) computers were invented, for that matter. I’m lucky I have ELECTRICITY in most of my rooms. One of my recent projects was to install romex and 3-wire outlets so that I could actually have proper grounding.

I need just one extender. I bought a Netgear unit, and I could not get it to work reliably. It would work for anywhere from a few minutes to at most an hour then our home Wi-Fi would “all” stop working until I unplugged the Netgear then the Wi-Fi would work again minus the extender. What a time sink that turned out to be with no solution.

Watching this out of curiosity, as I’m having a TP-Link business solution in my house, thinking that I have a lot with 4 AP’s, and article starts with ‘I have 10AP’s’ LOL. I do agree with the hardwire-ing the AP’s, mine are all hardwired (3indoor, 1 outdoor), all PoE powered, via a PoE switch. I do use a hardware controllor though, but configured seamless roaming, what just works perfectly. No hassle with interuptions, let the controller do the hand of. Oh and yeah, I’m using an all 10GB network, more then enough bandwitdh for here in the house.

I particularly enjoy the what I’m going to assume was a decision that was made while drunk and not an attempt to effectively double the entry price, is the dream machine pro SE. Does everything I need and has enough poe ports for my needs…….and then it doesn’t. Multi 10g sfp+ WAN ports even a 2.5gb rg45 WAN port. However by all means poe ports should be limited to 1g. It’s not like the WiFi7 AP needs 2.5 and poe. Of course it’s an easily solved problem for another 450 that didn’t need to exist. Even after adding the 24 2.5 poe via sfp+ now makes the 2.5 rj45 WAN make no sense. Maybe they could have made the decision to have a rj45 multi gig LAN vs needing an adaptor as no isp modem is going to use spf+ out. But then I have the crazy idea they could have at least sent poe through the 2.5 making it actually useful. They almost had everything I need in one 1u box.

Great article. Something that wasn’t covered was whether all the APs should have different SSIDs or the same and similarly for the 2.4GHz and 5GHz websites. i.e. if you were using 2 WAPs do you just give them all the same name (if you can even do that) or potentially end up with 4 SSIDs? Maybe this was covered under the fast roaming / handoff section.

I can give all you the down to earth version of what he is trying to say and do here if you feel overwhelmed here, and you might. All of this really boils down to just money. If you are having issues in your house with Wifi on a daily basis and, you have the extra money, do this. Call up your ISP and explore the next tier of speed you can get, then, provide your own WiFi 6 router. I would suggest something in the $200+ range or beyond if you can afford it. You want wifi-6. Again, to avoid all of the technical jargon, just trust me, you want to be in the $200 and beyond range. Why? better power, processing and range. it really is that simple. We have Google Fiber 2gig service here in Kansas City, 4 people and never any complaints. We all share a space of about 2800 square feet not including a rather large patio and driveway. I have an Asus ROG Rapture WiFi 6 Gaming Router, $350 from Amazon and it covers all of us well. I’ve located the router in a central location and everyone is at full bars. And yes Dave, I can get every single bit of bandwidth ( pun intended ) out of this connection. Usenet, 100 concurrent connections, 240MB/s down. That’s a 10gb file down in around 1 min 10+, that is, if you were curious. BTW, old skool Amiga guy here. I used to live in Topeka, Kansas, an hour from us here in Kansas City and I have a signed Amiga 2000 from Tim Jenison as well as an unopened Amiga 4000 that I refuse to open, yes the battery may have destroyed the board, a new Amiga 1200 in the “party pack” box still, and a 10/10 condition Amiga 500 without a box.

My demands are miniscule. I have 4 desktop PCs, about 16 wireless devices, 3 TVs, 6 gaming consoles and a couple of printers. I upgraded my Wifi to the new Orbi and that solved all my wifi issues. The PCs, TVs and 2 of the consoles are hardwired through GB ethernet. The rest just use wifi. In Australia, my internet peaks at 300mbps, so having anything more than I have is pointless.

I’m a sys admin and spent like 2 weeks finding a good wifi system for my home. (Probably why your article hit my recommended list) DreamMachine and U AP-s are well out of budget unfortunately (that would have been my nr 1 go-to) I even waited patiently over 2 years for several clients to drop their old APs and move onto newer technologies 🙂 But I ultimately opted to buy 2x ASUS AX6000 Wireless routers. Retail combined they’re about 600€ but I managed to get the price down a bit thanks to the company I’m at. They support everything you mentioned and even have Wifi6 and Wifi6E (optional) plus they both have 2x 2,5Gbit Eth connections. Pretty future proof investment. My house is about 25 meters in length with about the same for the backyard. I have both AP-s at each end of the house, at different floors and I can now easily move from one end of the property to the other and between floors without my Teams calls dropping and trying desperately connecting to the old AP-s. I ran an eth cable to connect both. Pure magic if you ask me. Everything you mentioned was spot on. Pretty good for a dad in a garage 🙂 Also.. what are you doing with all of that property? :O

Two tips, if being ultra secure is the goal turn off fast roaming 802.11r the preauthorise can be abused for access to your network. Tip two, with that many IoT light bulbs the RF must be a soup, lock your “study” IoT devices to the “study” AP and turn down the RF power of the 2.4 network. Less chatting = more RF space for devices that need it.

Great article, thanks. What I’d love to see is a something targeted at “in between” people like me. I’m in the UK with a UDM (non pro) & 16 port POE lite switch sitting in a mess of cables in my utility room, and a couple of Unifi APs, powered by a non-unifi POE switch in my loft. I really need to tidy this all up, get at least one more AP and a bigger unifi POE switch. Problem is, I then seem to be in the territory of a fully racked system with a massive upgrade cost. Would love to see something discussing something between these extremes….

@DavesGarage I hope you are on a DHCP connection from Comcast. As I am sure you know better than most people, while it’s not a huge problem, it could be a security risk esposing your public WAN IP. Also, you suggested that a wireless extender is a viable option to eliminate dead spots in wifi coverage. I highly recommend against using anything marketed as a “wireless extender” or “wifi extender” as these devices (generally) halve the available bandwidth and can add to RF congestion. I always recommend a full wireless AP or alternatively a mesh system and never use an extender, much better results.

I have also a “huge” house but i went for cheap mikrotiks. The config is not that easy, you have to know what you are doing, but you can get very cheaply acces points. I only need wifi for computers in my living room so this is the only place with 5ghz network, other ap’s have 2.4GHz connections, at the end, tablets and cell phones only need 2.4GHz to scroll through tiktok. I have a very cheap access point at my outdoor cinema place and it handled 1080p article streaming and multiple “gadgets” from my family and friends at once, for me, website spacing and router placement is far more important than router generation, most users can comfortably do with 20-30mbps connection if it is solid. I have most of my access points connected to 100 mbps switch. Mikrotik have also a very nice option for doing things like vlan (EOIP), so i can use old unmanaged switches for most things. I think that the most underestimated tip for current times is to get (in simplest scenario that 1 ap covers everything) any old acces point and set it fot IoT network, so when the broadband operator gives you new router, you just plug the second AP with IoT network and have less to worry.

Disclaimer, all of this cost a LOT of money, ubiquiti is cheaper than most other labels, but it’s still very costly. You can use a sbc, like a raspberry pi to install the control interface (run it in docker) and only buy the ubiquiti “dumb ap” access points. A dream machine in europe cost 324euro (incl VAT), quite a bit more than a sbc like raspberry pi or other arm64 sbc. But if you have the money, the dream machine is more stable in the long run where you don’t have to play around with updating the rpi ubiquti interface etc. But to be honest, I have run the interface on a nanopi neo3 (running armbian, not even a raspberry pi) for more than a year and only ONCE did I have to fix the docker containter (and it was probably my fault, I forgot to extend the storage so it ran out of disk space), and since I had the ubiquity config file backed up, I could just reinstall the interface (pull the latest docker image) and load the config file. Was done in less than 20 mins.

I’ve been thinking about putting all my smart lights on their own subnet Wi-Fi. First I tested my theory by unplugging all of the smart lights. I can’t believe how much more responsive my devices became when I unplug them. So maybe there’s just too many devices on the same website. Maybe a Wireless-G for all of the lights, and wireless-ac for the House? And before anyone says anything bad about slower signals, don’t underestimate the lower websites. I grew up in the times of 900 MHz cordless house phones. You could go all the way to the edge of the yard and then some. It’s always a trade-off between distance and bandwidth. You could have super-high speeds real close, but a piece of paper can block your signal. Or you could have slower speeds to reach much further distantces. All I can say is sure is thank God for multiplexing.

I’d like to see a article going over the Dream Machine settings, VLAN’s, how to separate and make sure one VLAN can’t access another, how to allow a device on one VLAN to access a device on another (for example a Fire Cube running Kodi to have access to a specific folder(s) on a Synology NAS where the article files are stored), etc.

Heh wifi has to accept any and all interference. As someone who has a small house (950 sq feet), I used to have to use 3 access points. Now, with mesh networking, things work better. I live by high tension high voltage power lines, so the RF noise floor is quite high. I use Asus equipment. Ubiquiti is good, I used them for a customer. The UDM as the main router/controller works beautifully. The only issue is the customers shop has an older snap on tablet that has issues talking to a wifi network with multiple access points. If you can’t get ubiquiti due to supply chain issues, TP Link also has something similar with their Omada line.

I was running a public AP at the house here until one of the neighbors downloaded some copywritten material that was being tracked for, and we got a copyright strike. I’ll make the vlan available with WPA2 when we have guests staying for more than a few hours, but otherwise it’s disabled. Both of us living in the house have (or have had) work from home options available to us. One of the things I did was establish unique vlans for each of us for our work computers. Those do have access to the internet, but not to any other vlan’s in the house. Mostly this is because I’ve worked in corporate enviroments shutting down network zones because of Code Red, Nimda, and a few other opportunistic viri over the years. My view is that if either of our corporate computers gets infected, or one of the home computers, or even an IoT device compromise happens, each vlan is protected from the others. Neither of us have needed to access services in the house beyond the vlan’s we’re working from, for our work computers. Sure printing to the HP LaserJet 400 in the basement would be a nice feature to have, but our companies are also aware this presents it’s own collection of issues. So it doesn’t happen. That said, she does have a LaserJet MPC printer in her office that she’s used to scan documents for work (Print, sign, scan upload gets a lot more complicated if you have to go to the corporate office in the midst of COVID lock downs.) That said, if you don’t need those capabilities, a much smaller set of vlans is a bit easier to manage.

Few thing I can recommend for a better wifi experience. Never power the AP all the way up. For less dense areas (which most houses are) you can power the AP to about 50% (17 dBm or 50 mW) Always use 5 GHz if possible. Use different websites. If you have neighbors use a free spectrum analyzer to see available websites. Disable lower data rates as your wifi will be as fast as the slowest device and you can minimize “sticky” devices. Meaning a deivee is gonnna statly connected as long as it can at a really low data rate slowing everyone down. I have unifi equipment and had to disable band steering and some other settings because it was causing issues with iphones in my house so check for weird bugs like that.