MikroTik RB4011 Ethernet 10-Port Gigabit Router (RB4011iGS+RM)

If you know Mikrotik, youll love the power of this device for the money - youd have to pay double or more for a Cloud Core class or 1100ah class to get the same grunt of this device. Nice to see SFP+ for a 10 gig link as well. Why would you need this? If you want to custom program complex firewall rules, most routers slow way doing doing complex things where this unit will blaze forward with low latency. For example, I have all my IoT devices on a a couple different and segmented VLANd SSD networks. Then, I have THOSE devices operating on a nailed-up VPN that presents their traffic as if they exist in another city for complete isolation. This router does all of that without any noticeable impact to CPU. These devices have a separate DHCP server on this router with their own IP subnet. Another scenario - I have a foreign country block list that simply black lists any incoming traffic from bad-actor nations - to just cut down on any attack surfaces. Heres another one - I use port-knocking to open up certain ports so I can access things like RDP using a port-knocking app on my phone. Heres another one - this router (a Mikrotik feature) has built in DDNS - which I use to connect to another similar unit at my folks house to create a site-to-site IPSEC secure tunnel so I can reach their local LAN to help out with network administration. No problem for this router - the encryption is done by a dedicated chip that does not affect CPU load. Heres another one - can organize your ports anyway you want - can group any combination of ports into separate Switch groups for hardware line-speed switching or use the CPU to create Bridges that can then do packet inpsection to look for keywords or patterns. Heres another one, this device not only has a DNS server that can cache DNS requests for more speed, but you can add static entries to redirect traffic to IP addresses of your choosing - sort of like a hosts file but for your entire network. If you dont know Mikrotik, there are plenty of tutorials out there (search for Greg Sowell Mikrotik to get started). Features you come to love are the rich built in tools that can capture traffic, can do in-gui sniffing to see where traffic is flowing (called Torch), IP-scanning, ARP analysis, bandwidth testing, and my favorite - this device can operate on Layer-2 using a Layer-2 telnet protocol, which means that even if IP addressing is not configured, you can still get to these devices to configure them. For super power users, can do BGP, OSPF, full SNMP and more.

Unlike the standard rack setup of the MikeoTik 3000rm or the Ubiquiti ER4 rack mount kit; the Kit on this is a very flimsy design with only 1 screw on just the bottom of each arm assembly to hold the rack mount to the device; there is no top screw mount. This should really have 2 on top and 2 on bottom of each side. Also the fit to the device has a lot of slop to it and not a tight fit. The device itself is substantially built and this feels like an afterthought. Best to wall mount or shelf mount the device instead of using the rack ear kit. The rack mount kit needs a substantial implementation redesign or the 4011 needs a bigger chassis with typical rack ears.

Small, light and powerful

This is a superb piece of hardware at a great price. In my initial testing I was really pleased and impressed with the performance. So if youre a professional with deep understanding of how to set this up, go for it. (But read the rest of my comments here first.) If youre not a pro, or at least someone with extensive network management expertise, you might wish to consider something with an easier management interface. The basic configuration was simple enough. But I wanted to set up WAN failover. And I wanted to set up basic security stuff, including setting it to disable pings and connection attempts from the WAN side. I hadnt even gotten to the advanced capabilities. But it was frankly just a giant pain. The website guide and the forum were barely helpful, especially when professionals argued with one another about how to best do something. (Not a confidence builder.) This took hours of trial and error. And just resetting the router is a pain, you have to hold the button for 30 seconds, after which it might or might not reset. Finally, I thought I had it all done right, and was happily running tests. And then I found out that I had somehow managed to disable the ability of my wifi access points to connect to the network. At this point I decided to accept defeat, rather than spend another day trying to figure it all out. I sent it back, thank goodness for Amazons excellent return policy. I wish Mikrotik would invest in a really nice GUI, and a small set of config wizards: yes, that would add cost, because good software costs money. But I think it would greatly increase the appeal of their products. Even pros like ease of use, because it saves time and hassle and reduces chances of error.

My network looks about like this. -11 Vlans. -37 filter rules. -No NAT, this is an inside router and I have edge firewalls that handle nat and WAN load balancing. -All internal vlans flow through the SFP+ using 1m DAC. The DMZ is hooked up via one of the rj45 ports. - 1677 connections active right now - iperf between two machine on different vlans shows 8.22gbps transfer speed -device is hot, they should have charged 20.00 more and added fans.

Greatly improved the performance and security of our home/small business network. The GUI allows me to easily setup what I want and dont want. I was a little intimidated by other reviews, but it was straight forward. I had all the ports set up and doing what was needed in less than 20 minutes.

Red de empresa

This gets the job done admirably. This is a fast, configurable router that is perfect for home gigabit internet use. The configurability comes at the price of it being complex. The out of the box config needed some tweaking to make it do what I needed to but it wasnt stupidly hard to figure out. Its definitely not for people who dont know how or want to learn how routing works. This isnt a consumer level router. Definitely worth every penny of the asking price.

Like all mikrotik devices, this is a swiss army knife of routers thanks to their RouterOS software. I was first introduced to Mikrotik devices through my work and do not want to go back to anything else. The level of control mikrotik gives you over your network is unreal. These devices arent for the timid though. With so many options and things you can configure, it can feel daunting at first. Luckily theyve recently been including default configuration options for most common situations thats made it easier to get up and running. For my set up, I have the RB4011 paired with a cAP AC and wAP. The 4011 is the brain of the network and I manage both the cAP AC and wAP through CAPsMAN. I have three separate networks: Standard for most devices, one for IoT, and one for security cameras. All three get internet access through the router and are on separate VLANS. I also set up firewall rules so my IoT network can only go out to the internet and cannot see anything else on the local network. The exception to this is communication to and from a PRTG Network Monitoring server I use locally to verify everything is running smoothly. On top of this, I set up my parents network in a similar way. Since we use mikrotik devices I was easily able to set up an encrypted tunnel and can monitor their network health and adjust if needed.

Router was shipped out promptly by seller. Using it in home setup, together with 3 other wifi routers as APs. Reasonably straightforward to set up. Router does its job well. Definite value for money. Take note that it gets warm, built in heat sink take care of it. Happy with purchase