I’ve written a lot about my boat network, and in particular, Peplink products that offer a ton of functionality and features. However, those come at a cost – the top of the line compact unit from Peplink can run almost $1000. For the last 6 months, I have been playing with configurations and hardware that cost less, but still provide flexibility and features that more expensive solutions offer.
I started by thinking about the criteria for on-boat networking and came up with some basic, high level requirements.
Local WiFi – must be able to create a local WiFi network running both 2.4Ghz and 5Ghz bands. Both are required because many locations have too much interference for 2.4Ghz to work properly.
Local Ethernet ports – there should be a few Ethernet ports on the device to allow for connection to items on your boat that cannot use WiFi.
Remote WiFi – must be able to grab remote WiFi signals and use them as a source for the Internet connection. Ideally this should be done via an externally mounted antenna/system.
LTE Internet – must be able to use a standard LTE connection to provide Internet access.
DC power – should run off of DC power, preferably 12v.
Relatively inexpensive – commercial vendor solutions start at $600 and don’t meet all of these requirements. Most are $800-1200 for all requirements, so this solution should be cheaper.
Modular – if possible, it should be modular so various components can be swapped out for lower/higher performance, and when protocols/standards change/improve.
Note that I did not include plug-and-play or dead-simple configuration. I am willing to spend a bit more time setting something up, and have a deep computing and systems background, but I tried to make this solution for someone who has a moderate computing background, or is at least willing to do some work to save some money. If you expect a simple wizard or one screen configuration, this is not the product/solution for you – you are better buying one of the more commercial solutions.
There are a ton of options out there for Internet access both at home and while mobile. I’ve mentioned a few before, including Peplink and Cradlepoint. These are fully commercial solutions that cost quite a bit of money, have tons of features, and are really good for networking nerds like myself, or folks who need abundance of features or functionality. They are generally produced for mobile applications, but lately many manufacturers are targeting the marine industry. The problem with many of these solutions is the cost, both initial and support for ongoing years, and the proprietary hardware they lock you into. I personally use the Peplink Max Transit on Grace and recently upgraded to the newer LTE radio version which was almost $900. I have dual LTE SIMs that can I choose from, 2.4 and 5Ghz WiFi, a LAN port that I uplink to a switch, and a WAN port that goes to my WiFi booster. You can see more details in Grace’s Redundant Internet Setup.
I use fancy rate shaping features, monitor things from cloud services, and do all sorts of other wonderful things that I find interesting, but that I have heard from many boaters, are not interesting to them. It is a great piece of hardware and software, but it comes at a price, and locks you in to their ecosystem.
In addition to those vendors, there are marine specific solutions like the Wirie, Rogue Networks, and many others. Many use the same hardware as you will see below adding a simplified UI to the product, and providing remote support. The cost for this is usually 2-4x times the list price of the hardware, and can drive their solutions up to a similar price point as larger commercial vendors. At the time of this article, the Wirie Pro with LTE added on is $800, and has less than half the features of the Peplink. They are often hard to get (out of stock a lot!) and don’t necessarily have the support department behind them that the larger vendors do.
The biggest reason to choose any of these vendors is the all-in-one solution and support. If you don’t want to get your hands dirty configuring a MikroTik, then look no further, these are for you.
Many people also grouse and complain about how much these solutions cost compared to their “home WiFi router” – take a minute and remember two things. First, if you have been in boating long enough, you know anything with the word “marine” before it makes things far more expensive! Second, does your home router have an LTE connection along with a long range antenna boosting a remote WiFi signal? I thought so. You only have one piece of the three part puzzle that you need on the boat.
I tried a number of different vendors software and hardware, and reviewed even more online. The first set of tests involved looking for a solution where all or most of the functionality was in one single system. This proved to be very difficult, and pushed the cost up very quickly. In many cases, the only solutions were integrated from several other pieces of hardware, and sold by a company as a service, with large price tags as a result.
Even cutting down some of the criteria didn’t fix the biggest problem of all – LTE internet access. While getting a product that has an LTE radio in it isn’t that hard, having good software around it is surprisingly difficult to find without caveats or features you don’t need. Many companies, including Peplink, Cradlepoint, Mushroom Networks, and many more, provide an entire set of products around managing internet connections via LTE. The features alone around failing over between LTE links, VPN sharing, signal strength monitoring, etc. are very complex, and warrant the $800-1000 price tags for some of that equipment.
After discarding all of the expensive vendors, that left a lot of smaller companies and platforms. Having used many of them at work and in past projects, after reviewing even more of the smaller companies, I finally settled on two front runners – MikroTik and pfSense.
I considered several other commercial and open source projects but was never happy with the feature set or hardware that they produced. In many cases, they did not produce hardware at all, and required that you buy off the shelf stuff, which is fine, but once you throw in DC power, switch ports, and WiFi radios, it gets expensive, or requires integration.
pfSense has been around a very long time, and are primarily known as a firewall product. In recent years they were purchased by Netgate, and have been producing their own hardware. However, you can install pfSense on hardware of your own if you so choose. It is an amazingly full-featured firewall with tons of options and features, and plugins to add even more functionality. However, their WiFi support is complex, has limited hardware choices for a DC 12v install, and very poor LTE radio support.
MikroTik has been around a long while as well, and combined with their RouterBoard hardware, offers a crazy amount of differing hardware platforms all with the same OS. I’ve written about MikroTik before, and use a Groove AC as my main remote WiFi unit on Grace. MikroTik offered far more hardware choices that looked good, have an OS that is similar in features to pfSense, although sometimes difficult to interact with, but also had bad LTE support.
At the end of all this testing, I never found a single solution that could provide the core items you would find in a Peplink router – LTE, WiFi and some ethernet ports, all running at 12v DC. Time to break things up into parts!
After a lot of attempts at trying USB dongles, LTE WiFi access points (commonly called Jetpacks or MiFi), I stumbled across a set of products from Netgear that looked perfect – the LB1120 is the model I chose. This is an LTE modem with varying configurations of Ethernet ports, and nothing else. Not a USB dongle, WiFi access point that has crappy features, or anything else – just raw LTE radio and Ethernet port, which was perfect for my configuration. It is also quite powerful radio/signal wise.
There are three models to choose from, the LB1120, LB1121, and LB2120. The LB1120 has a single Ethernet port, the 1121 a single Ethernet port that can accept PoE, and the LB2120 with two Ethernet ports – WAN and LAN.
I chose the LB1120 so that I could have a simplified configuration – one LAN port that connects to my on board router and provides a high quality LTE signal.
The LB2120 could work depending on your setup, and I actually tested that unit and had high hopes for it. It has a LAN port and a WAN port with failover functionality built in. I had tried to use the WAN port to connect the remote WiFi grabbing device, but found that when the WAN port failed a health check, it took the port down, which meant that I could not configure the device upstream of it to fix the problem. Sort of a catch 22 situation that would require disconnecting that upstream device in order to add a new WiFi network that I was trying to amplify, so I wouldn’t recommend it for that particular configuration.
The LB1121, which can be powered by PoE, is not likely worth the cost, as it would have to have another device capable of producing PoE. If you continue down and choose not to use a remote WiFi grabbing device from the router, then you could feasibly use it to power the Netgear but I didn’t test that.
Note that I tested the Netgear LB1120 on AT&T and T-Mobile in the US. Your mileage may vary with other providers. It does appear that this device does not have world-band coverage, at least in the US, so please review the models and band coverage carefully if you need international coverage.
A must have accessory for any of the three models is the Netgear MIMO antenna, which plugs into the two ports on the back of the modem and helps ensure you have a quality signal.
The performance of this Netgear setup really impressed me in all conditions. The power of the radios and additional gain from the antenna made for one of the highest performing LTE solutions I’ve ever used. The diversity radios made a huge impact on throughput, and not having other random features made for a really simplified configuration. Having software that will use the WiFi device upstream if available, and fall back to LTE when unavailable is similar to high end features on commercial solutions.
This would be a fantastic addition to a boat network with an existing router, but without any LTE.
After testing a bunch of different hardware and reviewing many others online, I found the best router to be the MikroTik hAP AC. The hardware is simply superior to anything else I could find for the price. It includes a 2.4Ghz/5Ghz WiFi AP, 5 ethernet ports, including one PoE, and operates off of DC power over a wide range. The operating system has a lot of flexibility, and while relatively esoteric and sometimes hard to use, provided most of the features (if not all) of the more expensive commercial choices.
I don’t understand how MikroTik can make such a powerful box for so cheap – the feature set and hardware rival solutions router makers for your home or office.
The hAP has 5 ethernet ports, one of which can generate Power over Ethernet (PoE) power outbound to run another device, and one which can accept PoE power in to run the entire router. I chose to use DC power from the boat, and keep things simple. It also has a USB port if you want to try to use their LTE support (don’t), lights for each port and the WiFi radios, a reset button, and that’s about it.
The biggest challenge to any MikroTik device is configuration. Using MikroTik’s winbox configuration tool can help with this, but ultimately you will have to do some research depending on your exact configuration.
I have included a basic configuration example from my testing which setup the hAP in the following:
- Ethernet port 1 as the WAN connection – this is what should be plugged into the Netgear and is “outside” the firewall
- Ethernet ports 2-5 as your LAN connections, protected by the basic MikroTik firewall and able to be used for cabled devices
- WiFi radios for both 2.4Ghz and 5Ghz turned on with network name “your-ssid” and password “your-password” – please change these!
- Basic firewall setup denying all traffic from the WAN port but responding to ping and allowing existing sessions. Your mileage may vary, and I highly recommend reading more on MikroTik’s site and forums about improving security and your firewall.
The configuration file is available here: sailbits-mikrotik-hap-ac
Please note that this configuration file has been known to cause syntax errors with newer versions of software. I recommend you read my other article MikroTik Groove step-by-step setup guide for an easier way to set things up in your MikroTik.
Remote WiFi Solution
Having done extensive testing in this area a bit over a year and a half ago, I revisited the various vendors that were part of my tests then, and looked for new ones. Even with that update, I still stand by my current solution for this – the MikroTik Groove AC.
The Groove is a two piece WiFi unit that runs off of Power over Ethernet. It is meant to be mounted outside so that it has a better chance to pick up remote WiFi networks, and comes with clamps and points to make that easy. There’s also an adapter to provide PoE power from a wall wart – I modified mine and connected it to my 12v DC system on the boat.
There’s one Ethernet port on the bottom with a water proof cover. You can run an outdoor quality Ethernet cable from the unit inside to where the router is.
International users please note: the link below is for a US only “locked” version. If you are using this internationally, you should look for the “unlocked” international version.
I decided to show a couple different configurations possible with this set of equipment based on needs.
LTE & Remote WiFi
This is the full featured solution with both LTE and WiFi internet sources available. Port 1 on the MikroTik hAP router connects to the Netgear for LTE internet access, and port 5 connects and powers the MikroTik Groove via power over ethernet (PoE) to capture remote WiFi signals.
To configure failover between LTE and WiFi, I recommend reading Two gateways failover and Advanced Routing Failover on MikroTik’s site. Please note the example configuration file provided above does not include the failover configuration.
Based on how you configure failover, you could have WiFi as primary when a network is connected, and only use LTE when absolutely needed. I personally use LTE all the time, and only turn remote WiFi on when I know there is a network nearby that is high quality, and that I can get on reliably. I have found most marina networks to be slower than LTE or have issues with quality signal (see Marina WiFi is Hard). As a result, I have mine configured with the MikroTik Groove disabled most of the time unless I absolutely need it, and rely on LTE.
Whichever way you configure it, this setup gives you the best of both worlds with plenty of flexibility.
This is the cheapest and simplest configuration, but also one that many folks choose if you don’t care about grabbing remote WiFi signals. Pretty simple and straightforwards – ethernet from router to Netgear. The example configuration provided in sailbits-mikrotik-hap-ac will work for this setup.
Given that less and less marinas seem to be providing WiFi (at least around here), this seems like a more likely way for folks to get Internet on the boat via LTE.
All of these devices accept 12v DC. The MikroTik can accept from 10-57V, the Netgear accepts 12V, and the MikroTik Groove accepts PoE from 10-30V.
I’ve run the Netgear on the boat for 4+ months at widely varying voltages from 11-14+ without any issues, but your mileage may vary. I doubt it is designed as well as the MikroTik – if you’re worried, either run it off of AC/inverter power, or use a buck converter to take whatever voltage you are producing on the boat, and make sure it’s always 12v.
For the MikroTik router and the Netgear, I simply wired their barrel connectors into a DC fuse block each with their own fuse matching the manufacturers specs. For the MikroTik Groove, I prefer using the MikroTik hAP router’s PoE port, but I have also used the provided PoE adapter, lopped the barrel connector off, and run it off of the varying 11-14+ volt boat power system by connecting it to the same DC fuse block with its own fuse.
Not only is this setup modular to the point that you could swap things in and out, but you don’t have to use all of the pieces to begin with.
If you already have an onboard router, but don’t have LTE, grabbing the Netgear is an easy way to add it with minimal cost, but providing a high performance connection.
Same with the on-board router – if you don’t have one now, and are a DIY’er, the MikroTik has a fantastic set of WiFi radios for both 2.4Ghz and 5Ghz, runs off of boat power, has a ton of ports, and can be expanded on later.
You can even combine a booster with this configuration and supercharge it, although it will add almost double the cost. You can read more about how to do this in Best LTE antenna and booster for the boat.
Here are the general costs at time of writing.
LTE & Remote WiFi:
While saving this much money is nice, it is important to review the benefits in choosing something like this over a more expensive commercial solution.
- Less expensive than a single commercial solution
- Modular – when LTE category X comes out, you don’t have to replace the entire unit to get the faster access (which is the case with Peplink/Cradlepoint).
- Simpler components – if you need to replace/upgrade/change one part, its easy to do.
- 3 devices instead of one – adds more cabling, power, etc.
- Complex configuration – this is not something to overlook. The MikroTik OS in particular is complex and very modular, but also very frustrating to many people. It is best if you have some sort of computing background – this solution is not for those who want plug and play or simple wizards to set things up. If that is what you need, you are stuck paying for a more expensive solution.
- Integrated features missing – the commercial solutions have features that take advantage of the fact that they are controlling all aspects of your Internet connection – WiFi, LTE, LAN, etc. – and can leverage that for some really nice features. Some of these can be achieved with the above, but they are not as robust.
For roughly half the price of a single-vendor solution, you can build an Internet setup on your boat that allows for a local 2.4Ghz & 5Ghz WiFi networks, four Ethernet ports, LTE internet access, and remote WiFi internet access. It does require a bit more configuration, but you will have a quality solution that can be updated, upgraded, and expanded on without much effort.