Right, sorry I missed that bit.
Well you'll need to add another NIC to the pfsense box and connect your access point to that. Either that or get a managed switch which supports VLANs.
this is the switch
I was wondering could I setup a vpn on the asus n53 and tunnel past the pfsense, would that stop if from seeing the rest of the network if someone somehow hacked it.
Probably not, even with a VPN the wifi network would still be on the same network as everything else.
If the asus router supports openwrt or some other custom firmware you may be able to configure VLANs on the switch. You could then set it up like this pfsense---asus router---netgear switch---rest of network. On the asus router you would configure two VLANs and have the wirelss network on VLAN and the LAN on VLAN 1, configure the ports so that the one connecting to the switch is VLAN1 and the one connecting to pfsense is a trunk port or otherwise configured to allow traffic on both VLANs. Then on pfsense create two VLAN interfaces for VLAN 1 and two, assign the VLAN1 interface to LAN and create a new interface for VLAN2 called public. Then configure the firewall like I described earlier.
Thanks for the help and the info. Will see if i can find a two port nic or three if they are cheap and do it that way. That n53 is junk it use to be my main router but would over heat and the internet would slow to less then 1mb. pfsense is the best way to go for a router after learning the basics it has been great.
Have a day
FreeNAS Box
Case:NORCO RPC-4220 4U
MB:ASRock E3C224
CPU: Intel Xeon E3-1275L v3
CPU Cooler:Reeven STEROPES
Fans:120mm Noctoua NF F12 PWM x3 +
Memory:Kingston ValueRAM (4 x 8 GB) DDR3 ECC
PSU:SeaSonic Platinum Series SS-400FL2
HBA:LSI LSI00244 (9201-16i)
HDD:WD Red 3TB x8
NIC: IntelX540-T2 10G
//////////////////////////////////////////////////////////////////
PFSense
Case:IPC-3035S 3U
MB:ASRock E3C224-4L
CPU: Intel i3 4130T
CPU Cooler: Stock
Fans: 120mm Noctoua NF F12 PWM
Memory:Kingston ValueRAM 8 GB DDR3 ECC
PSU: EVGA 500 B1
HDD: Samsung 830 120gb
NIC: IntelX540-T2 10G
//////////////////////////////////////////////////////////////////
Security Onion Box
Case: NORCO RPC-231 (2u)
MB/CPU: ASRock N3150M
Memory: ??? 2x4GB DDR3
PSU:FSP Mini ITX/Flex ATX 80Plus Gold 250W
HDD:Samsung 840Evo 250 + WD Blue 2TB
NIC: ???
//////////////////////////////////////////////////////////////////
Switch: 24Port Cisco 3750G POE
AP: Ubquiti Unifi AC PRO
PDU:CyberPower Switched PDU15SW8FNET
UPS: APC 1200va ???
Rack: ????
I'll post pictures later and finish the last few things I cant remember at work.
1 Like
The network is pretty much two network hubs at each end of the house linked together by a single Ethernet cable, with a Neptunia theme in it ^^
1 Like
Ostensibly
Prepare to be horrified. Sorry about the dust. :O
Gateway router
Smart switch 3 different LACP bonds in pairs from left to right. Uplink to router on the right. LACP goes to my workstation, NAS, Windows Server box(the one with monitor).
Dumb switch on the bottom connected to printers/voip/RPI/other workstations. One link goes directly to router.
RPI 3 + old car lcd display. Showing weather report, bus schedule and temperature in that room.
Showing the static rpi no-ir webcam image that auto refreshes every minute. Good old RT-N16 with USB wifi card and a directional antenna for extending my wifi into the street.(mainly the bus stop)
Monitor connected to the Windows Server box. Running Hyper-v VMs. Few other servers in that corner. I use steam streaming whenever I need to take control of the "display" user.
Oh and wallpapers are set to rotate and that small picture frame loads a new picture from m album periodically.
3 Likes
My modified laundry closet with 10G and 220V power. Only issue is when the door is fully closed there is no fresh air. Looking at adding an exhaust fan to exhaust out of the dryer vent.
6 Likes
I recently moved my networking gear to another location in the same room as I wired Ethernet to upstairs as it seemed like a better idea to have it closer to the sockets.
This is a temp setup, I need to manage the wires better but I still have quite a lot of CAT6 cable left from the run so I'm going to be replacing most of the CAT5e cable here to be shorter and maybe put my server on a table or something.
The square box is my J1800 server, the switch is a GS108E which I have multiple VLANs setup for the network and of course my Unifi AP AC Lite for wireless networking.
Since I was moving the gear I got a chance to take a photo of inside my router, it is running pfSense and is an AM1 system with an Athlon 5350 Quad-Core, The case I am using is some Zalman case that I got for free but it had no HDD bracket so I took one out of my rackmount chassis and mounted it to the top vent.
Finally here is my pfSense dashboard, this was taken just before I moved the gear and shut it down, has been running for 136 day straight without issue, most of the VLANs on the switch pass through to pfSense such as the DMZ, ISOLATE, GUEST, and IOT interfaces which are firewalled off from the rest of the network.
4 Likes
So..
it's been a while since I posted in this thread.
I've decided to simplify and merge my entire network into one box.
When I started this thread I had a custom built Freenas box with 6x2TB used HGST drives. I started running out of space...my library is now around 6TB. I purchased a cheap Dell T3500 workstation and made a bandaid with some hard drives laying around... i had a 6TB which i was using for backup and two 3 tb hard drives... I had 10TB but no redundancy..and it backed up to my old server which I changed from RaidZ2 to RaidZ1.
The T3500 became my Plex box and my previous server became my backup box.
Now I am in the process of moving everything over to a new server. I bought a cheap Dell R710 from Theserverstore.com.It has 96GB of RAM, two low power Xeon L5640s, an LSI 9211 HBA. All for $450 shipped. I will be running EXSI off of a SD card. I also purchased a 256GB 960EVO, which will be used for my VM stores, and while it only has PCI-E 2.0, it will still be faster than any sata SSD.
My main VM will be FreeNAS.. I will pass the LSI controller to this VM. For storage I purchaed 4 of the new 4TB HGST NAS drives with 128MB of cache. They are currently plugged into my backup server and I am running 7 passes of DBAN and verifying between each pass. So far 2 passes have gone just fine. These will be running in RaidZ1... so I will have 10 TB of usable space. I bought a second 6TB hard drive... so my two 6TB drives will be backup, but no redundancy. I am fine with that. I think the next goal will be to start moving stuff off site to Backblaze or something.
I will setup a windows 10 VM for the purposes of running Plex and PlexPy. Since it will be running on the 960 EVO and not the spinning drives we should be seeing some great loading times for the tiles and metadata on the Plex interface.
I also purchased a China clone of an Intel i350-T4 for 50 bucks. I hope that it works out and is stable, if not I will have to bite the bullet and buy a real one. The plan is to sell my edge router pro and run a pFsense VM on the new server as well. Maybe Untangle.. I haven't decided.
So in essence... I will have removed 3 boxes from my setup and replaced it with one, better and faster one.
If anyone is looking for information on my old servers--- shoot me a message because they will be for sale soon!! :)
Any feedback and suggestiosn are welcome!
Heres a photo of the mess while I am testing and migrating data.
3 Likes
a bit off topic but I needed a wireless repeater in my old apartment and didnt want to buy one
of course windows and osx which were triple-booted on my laptop with linux mint wont allow multiple wifi adaptors that I know of but mint allowed it without a problem
i am sure it was slower than it could have been but I was able to get the range i needed with cheap old hardware
This is my home network at the moment. Would like to get my hands on some Ubiquiti Unifi & EdgeMax gear to possibly replace the MikroTik gear and add 5G Wireless.
2 Likes
I am in the progress of diving even deeper into the unifi ecosystem for my home.
The SDN approach is pretty nice, but sadly the gui for it ain't there where it already should be.
(can't set a search domain for DHCP for example)
Mixing Unifi and EdgeMax gear I would probably not encourage as that kills of the biggest advantage - the one place to control it all of unifi with its controller.
Ubiquiti WiFi gear is good for SMB & SOHO networks, but honestly most of their other gear is lacking. Even the UAP-AC-PRO WAPs don't disclose which clients are connected to them via SNMP so you are lacking insight to that through standard network monitoring tools.
1 Like
mine is something like :
cable and dsl modem
...|
pfsense
...|
switch
/.............|.......... \
my box nas wireless router
........................../|\
........................./ | \
..........HTPC_ / | ___ hdhomerun (antenna)
.......................moca
..........................|
......................moca
.........................|
..........wireless router
.........../...........|..........\
..i3 box........roku....hdhomerun (cable)
all devices wired. all other devices (not shown) are wireless (phones, tablets, laptops etc)
hopefully that crude ascii drawing is ok.
/*edit*/
well the board not so helpfully undid all my careful whitespace placement, so i replaced them with periods
/*endedit*/
Mine is a modem connected to PFSense hosted by ESXi, to a 10 port netgear managed switch, to an Asus router in AP mode and a ubiquiti AP. Everything except the APs are inside of a tv stand with a few holes cut out with 120mm fans blowing air in/out. I choose to rig the shit outta stuff instead of doing fancy things.
