Help us make the Firewalla AP
Pinned FeaturedThe Firewalla Access Point 7 Desktop (FWAP7D) is almost here!
- Full Integration with the Firewalla Security Stack
- Zero Trust Network Architecture
- VLAN Segmentation and Microsegmentation Support
- Easy to install, managed anywhere
- Wi-Fi 7, faster and more reliable
- Wi-Fi Mesh with Ethernet or Wi-Fi backhaul
- Firewalla running in router mode is required
- 8 Spatial Streams, tri-band, low power indoor unit
- 10Gbit + 2.5Gbit Ethernet Interface
- Early access and beta are USA only. (EU and other countries coming in next 4 months)
- Price for beta units with discount: $299 to $349
- Final price after 1/20/2025: We don't know, depend on tariff
We usually run a pre-sale cycle, but due to the political changes (new President), it is not possible for us to pre-sale and build units without knowing possible tariff impacts. Instead, we’ve used the sale proceeds from BFCM to pre-purchase a batch of units.
The AP7 units should be built soon and be available for ordering. We plan to split the orders into groups: (This plan is still tentative, we may also merge beta+early access together)
- Early Access (for our earliest supporters at the lowest price, available mid- to late-December 2024. Must be running Firewalla Gold (v1 & v2), Gold SE, Gold Plus or Gold Pro in router mode)
- Beta Access (about 1 month later, available mid-January 2025. Must be running Firewalla Purple or Gold series units in router mode)
- Production (to be decided after 1/20/2025)
All units will have the final production hardware, software will be in early access/beta.
- Limited number of units available
- Limited to 3 units per customer
- Early access unit will be using early access software
- Beta access will be using beta software
The Firewalla AP7 Ceiling Mount will come a couple of months after 1/20/2025. It will seamlessly integrate with the FWAP7 Desktop units.
Please complete our survey and sign up, we will let you know when they are available to order!
Here is the sister project https://help.firewalla.com/hc/en-us/community/posts/28643907379091-Help-us-make-the-Firewalla-Switch
-
Although outside my current IPS/network capabilities I am heading in that upgrade direction. Fantastic idea. I am thinking hard about purchasing the Gold Pro and will definitely stay with Firewalla as a router/firewall. Would be good to understand the potential timing so we can hold off on expanding network capability after the purchase of a FWGP.
-
I would also like to see the setup similar to your routers as it just works..
I would like to have a ceiling AP as I use Tp-Link EAP ceiling APs through POE and controlled by their Omada OC200 Controller which allows you to setup multiple SSIDs on the fly, love to see a similar control mechanism with these APs, the Omada software is so useful -
Ack, I’m a bit late to find out Firewalla was working on APs now! This is exciting news as I love the Firewalla management interface and am excited to eventually have everything in a single pane of glass.
Currently I am running 3x Aruba InstantOn Aps mounted in both ceiling and wall orientations.
These are good but missing some of the functionality I loved\used when I ran the Meraki stack.
For me I’d like to see an outdoor AP option. 3rd party identity provider integration. I was trying to come up with other requirements but I’m guessing most will be met between WiFi 7 specs (eg roaming) and what Firewalla is already doing with the edge appliance.
-
It's not great for APs to be broadcasting so many SSIDs as there is limited air time which limits performance, as such I'm not a fan of seperating bands, network segmentation is great but there are better ways... Implementing something like "Identity PSK" where the same SSID can be used for multiple vlans based on the PSK and/or MAC supplied would be the way to go.
-
I mostly use the same SSID, but for guest access there is s limited bandwidth and separate SSID. For different customers obe migyt need a separate landline and own frequences.
But for my family AND it is always the same SSID. The devices are pushed to old 2.4GHz and a separate hidden SSID.
I fully understand the PSK and MAC separation. I use a MAC white list and always save the new config when adding phones or devices.
(My old Lenovo "gaming" laptop just got a WiFi 7 compatibility card. Not very good, but cheap.) -
I currently have 2 SSIDs, one for my devices and one for IOT. I had 3 (one for devices that required 2.4 only to join, but I don’t seem to have that problem with newer WiFi 7 based solutions. Technically I run another in my garage from my Gold+ with the WiFi SD just for the Teslas and they are really finicky in how they connect. And if I could get to on SSID but have some form of network segmentation that would be wonderful.
-
Please add possibility to turn off 2.4G for one configuration and 5G or 6G for other configuration, plus give the choice to add only WAP3, not to be combined with WAP2 although that choice should also be separate, this two settings are very important for me. About how many SSID, well I don’t have too many so at least 4, but you can do more than that. Will be very useful function to make them as a separate fully isolated WLANs
-
Lots of great points here, I run Aruba 1930 24 port Poe with 3 Instant on AP 25’s… I wount 2 on the ceiling and another is wall mounted. I run 6 vlans… home lab, IOT w2.4 ghz ssid, Home WiFi, streaming devices, wired vlan for work and last is a guest WiFi. 10 gig WiFi is awesome, easy management would be great thru the app, simple click create ssid and assign vlan. Bigger feature I am hoping for would be ability force vpn via vlan and doh/or dns over tls via vlan. Example in route all my IOT devices out via vpn.
-
I am going to cable my WiFi 7 transmitters as I have the cables already installed. 10G lines & WiFi 7. Transfer between my laptop & phones will be superior. I need a good NAS box with cable. I think since FW Golf Pro does NOT have 4x10G I will settle for 2.5G :-/
At least it is really cheap, but beautiful.
If the WiFi 7 AP has quad band (2*6Ghz) or more AND a life-time support then I might buy TWO!
Hopefully everything ship by the end of this year. -
I currently use 4 WiFi 6 meshed AP's placed in my house and a nice powered & networked shed which allows me to connect to my WiFi while in my 2.5 acre yard. I have 4 SSID's and 4 VLAN's in use. I use Ethernet backhaul for all APs for more deterministic performance vs meshed radio. I'm open to a WiFi 7 version so long as can do similar to my set up today. Thank you!
-
There is a lot of competition in this space. I wish you luck!
I currently run three mesh systems by Asus. These work extremely well and have had no issues running in my home, which is protected by FWG+.
If I thought long and hard, I could probably come up with a long list, but VLAN aware would by top priority.
My mesh systems are plugged into untagged vlan ports on my switches, but the APs themselves had no awareness of vlans. If I could create multiple SSIDs in the AP(s) and assign SSID to a vlan, that would be very cool. I think some wireless products do that, but I haven’t used them. Those that do may require the AP to be a router.
I want a pure wireless AP without routing (since I use Firewalla as my router). Wireless AP with vlan awareness that can be tied to an SSID.
For example:
MySSID_Private = vlan 25
MySSID_IoT = vlan 35
MySSID_Guest = vlan 45All with Ethernet backhaul mesh.
-
@mikehuxley
12 days ago
"I find ceiling APs give the best coverage and don't take up storage space"
My desktop model will sit on a stand or shell right above the living room door. I have placed a sort of wooden flat piece there along with electricity and ethernet cabling.
Yes
Good coverage is one of the top priorities. I think I have it covered! 😉
Anyone: is there an easy way to attach pictures here? -
My APs are currently either ceiling or wall mounted, mix of both POE wired directly back to a switch and others with power injector / mesh connect to another AP. 3 VLANs (admin, IoT, and everything else). My SSIDs are by band; won't go back to APs that bands can't be broken out onto their own SSIDs (or combined) as needed. Seamless roaming has been great. Ability to lock devices to one or a set of APs. I used to manually tweak power / channel settings, but I am learning to trust the SDN controller to optimize the settings.
MAC-based VLANs would be nice.
@Firewalla: I understand that it will take time to get there, but are you looking at eventually having a full SDN solution? Not to start a turf war in this thread (as I would love to migrate to a full Firewalla solution), but I'm currently running FWG+ as my router and everything behind the router is TP-Link Omada, managed by a controller. It's been great to be able to manage all of my equipment (switches and APs) from a single gui.
@Veli: yes, it looks like you can attach pictures; when adding comments, look to the icons to the right of your profile pic, next to last icon from the end.
-
I don't ceiling mount my APs at home, would be hard to get them downstairs, no real access to install a box. I would be happy if it looked classy on a table since they are in full view.
It would be nice to create an IoT SSID that would be restricted to the Internet only or allow only specific devices to bridge.
-
For AP's I'm using two Synology routers in bridge mode and in mesh.
I'm hoping that with wifi 7 I will only need 1 AP.
The Synology WRX560 goes for around $220 and it is a router, I would expect that a simple AP would not cost more within a year or so when the market for wifi 7 is clearer and growing, even 10G capable.One is stored in a wood cabinet, the other is on top of a shelf. Ideally they would be more flat than tall, which is easier to hid in a cabinet. Most home owners do not have their house wired to be able to mount AP's on the ceiling without visible cables. Alternatively I would be ok mounting one on a wall behind a cabinet or a TV, I don't want to see it, it's no decoration.
If it has PoE, it should also have a regular power source.
I would not need anything too fancy as the Firewalla router takes care of that business already unless you want to make it appealing to consumers that are using a different router. 10G capable and safe (obviously), 3-4 Ethernet ports on it (although I'm only using 1 or two), 10G capable, otherwise Wifi7 will be faster than 2.5G ports, and mesh capable, unlimited SSID's and unlimited VLAN ID's.
An absolute must, the ability to create wifi schedules and quotas per user profile and per connected device as well as a general schedule. For example the SSID for my kid's devices has a daily quota and an off time, but the whole wifi also has an off time so we can rest from EMF radiations while we sleep.
Please sign in to leave a comment.
Comments
268 comments