TP-LINK TL-SG108E VLAN configuration issue
-
@mcury
I think I do. Let me see.
So, in your example, the server would use a pfsense interface, then through switch, to server, which might cause a throughput speed issue. Therefore, you are saying to add a server, such as a plex, on my LAN network, am I correct?Or, are you saying that any VLAN, no matter how its connected (router interface port or switch), would have to pass through pfsense, then switch to server.
I do want to add a Synology NAS, with Plex, so I will add it as you describe above, directly into my LAN network.
Assuming I have understood your explanation, how then would I connect a server that would contain personal files, storage, and other sensitive data, and keep it secure ?
-
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
So, in your example, the server would use a pfsense interface, then through switch, to server, which might cause a throughput speed issue. Therefore, you are saying to add a server, such as a plex, on my LAN network, am I correct?
All intervlan connectivity will have to go to pfsense, this happens because pfsense is the default gateway of the networks.
So, If one user in VLAN28 wants to send a file to a server in VLAN27, this file will go to the gateway, and the gateway will send this packet to VLAN27.Now imagine that during this file transfer, three other users in VLAN28 wants to download a file from the Internet ok?
What is going to happen is that depending on the file transfer speed, and your Internet speed, your 1Gbps Pfsense interface connected to the switch TL-SG108E wouldn't be enough and things would slow down..
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
Or, are you saying that any VLAN, no matter how its connected (router interface port or switch), would have to pass through pfsense, then switch to server.
All connections in the same VLAN, wouldn't go to pfsense, it passes directly through the switch.
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
I do want to add a Synology NAS, with Plex, so I will add it as you describe above, directly into my LAN network.
I would add this server in the same VLAN as the clients that will access this server are, thus using only the switch to make this connection.
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
Assuming I have understood your explanation, how then would I connect a server that would contain personal files, storage, and other sensitive data, and keep it secure ?
From the Internet perspective, there is a default deny rule in your Firewall that will block all packets coming to it. So, your server will only be reachable from the Internet if you create a portforward to it. Only outbound connections are allowed by default.
From the users inside your network perspective, you can put the server in another VLAN/or network, but this may or may not cause the problem mentioned above, with the 1Gbps link.
Or, you can use the Synology NAS internal Firewall, to allow users to access specific services in the NAS.Also, there is another option that is authentication, for an example:
I have here a samba server, it works very similar to a Active Directory.
I created groups and these groups can access specific folders, services and etc..
Public folders are available to all domain users. -
Ah! I think I understand now. :-)
One other question, on pfsense, my WAN_DHCP(default) Gateway is working fine, however, the WAN_DHCP6 Gateway still says "pending."
Therefor none of my Ipv6 devices are getting an Ipc6 address.I'm pretty sure I must have something set incorrectly. any ideas?
-
Is the ISP modem in bridge mode? If so, pfsense should be receiving a public IP address in the WAN.
-
@mcury
There is no ISP modem. It's just a straight fiber run to the house, fiber to Ethernet converter, then ethernet straight to router.Ivp4 is fine.
-
@mitch-rapp Are you getting a IPv6 address?
Is your WAN IPv6 interface configuration set to DHCP?
-
@mcury
Yes.
However, under status, gateways, DHCP_6 is "pending." -
@mitch-rapp My ipv6 knowledge is weak unfortunately, so I'm not the best guy to explain you how it works or how you should configure it.
I know that my provider is using DHCP and not SLAAC, and that they only give me a /64, which means that I can use IPv6 in only one network..
You would have to try different settings there, or call your provider to see how it should be configured. Or maybe someone else here in the forum could assist you in that..
-
@mcury
Ok, Thank you! I just asked my ISP to have an IT guy call me. So, we'll see what happens.You're a Formula one guy, I see! :-)
Which team?
-
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
You're a Formula one guy, I see! :-)
Which team?That is a picture of Ayrton Senna, not me ehhe :)
He is a hero here in Brazil, but he is no longer between us, he died in 94.. -
@mcury
Oh yes, I know exactly who it is. Before they stopped the F1 races in Indianapolis, I used to go every year. I saw Felipe Massa drive numerous times, and Rubens Barrichello.Also, have you seen the movie, Senna (2010) ?
-
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
Oh yes, I know exactly who it is. Before they stopped the F1 races in Indianapolis, I used to go every year. I saw Felipe Massa drive numerous times, and Rubens Barrichello.
I used to watch his races with my father, so its a family thing, very good memories...
Felipe Massa and Rubens Barrichello were good drivers, but in my opinion, Senna and Schumacher were the best in the history..@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
Also, have you seen the movie, Senna (2010) ?
Sure :)
Edit: look at this... https://www.ayrtonsenna.com.br/en/sem-freios-so-com-uma-marcha-sem-pit-stop-as-vitorias-lendarias-de-senna/
That race using only one gear, he got so tired, that he almost couldn't lift the trophy.. -
@mcury
Agreed, Senna & Schumacher! I don't care much for Hamilton. I'm a Ferrari guy.
Same here. I used to go to the race every year with my father-in-law. Very good memories. Have you been to the Brazilian Grand Prix?That movie is fantastic! I saw it at the theater.
-
@mitch-rapp said in TP-LINK TL-SG108E VLAN configuration issue:
Have you been to the Brazilian Grand Prix?
Unfortunately I didn't, always watched the races through the TV...
It was a crazy thing those times, people used to speak about his races for at least one week...
People would gather in front of a small TV just to watch him.