Whats Next?
-
@digiguy Just a suggestion for private addresses, I use the home/business owners birthday with a 10./24.
So if today is your birthday, your subnet will be 10.2.19.0/24.
This leaves the "usual" 192.168 addresses to be used for vpn tunnels and anything else that wouldn't overlap anywhere.
Been doing that for years and still never used the same subnet twice!
Still waiting for it to happen. -
@jarhead that is actually a pretty slick way of coming up with network without having to put much thought into it, and should be unique, etc..
This came to mind when you mention
Been doing that for years and still never used the same subnet twice!
-
@digiguy There is not much maintenance needed. Updates come out 3x/year for plus and apparently less for CE.
Everyone will have their own way of doing things. We turn off logging if the default block rule so there’s very little noise in the logs. (In logs page settings)
Netgate has video “hangouts” if you prefer video.
-
@johnpoz Ha! Interesting graph.
By that, it should've happened by now!
Still wondering what I should do when it does happen, does that warrant buying the owner a beer? -
Great to get such quick detailed responses to such a vague and generalized post! Thank you!!! I have D/Led the pfsense documentation/manual. Will start memorizing all 2000+ pages... LMAO!
For my private address, I have gone away from 192.168.x.x and utilzed 172.16.0.x/16 Its what I used with what I had before won't mention any names but here is the initials (Untangle - lol) Seems to have worked.
One reason I question my configuration is I have had some issues. My wireless access point wasn't working. A power cycle and cable reconnecting looks like it helped. I did notice my wan did go down/up and not sure if that was the start of the issue. Still attempting to read the logs to see if I can determine the issues...
-
@digiguy said in Whats Next?:
utilzed 172.16.0.x/16
/16? You have plans of 65k some devices on this network?
I'm pretty sure /24 would work fine, or /23.. /16 is huge for a single segment..
-
uhh.. no plans to expand that big... lol.. will change it to 24... thanks!
-
@digiguy I see a lot of people using /16's for their LAN. Think of the broadcast traffic that generates alone. It makes no sense at all.
-
Nevermind... doing some reading and I am seeing some of the answers in Dr Google... lol
You are certainly correct on the extra traffic. If I setup another interface for a internal web server, a DMZ(OPT1), do I need another segment? a subnet? What or how should that interfaces IP be setup? Static? dhcp? What should my internal web server's static IP be?
-
@digiguy The answer to all of those questions is "Up to you".
It really depends on what you want but yes, you would use another subnet on another interface and you would set the interface address statically but you can use DHCP for connected devices. Really is up to you. -
You could have a look in, if you find something you may interested or it is matching your needs or fitting the rest of
your network. If you find something configure it out following that docu. -
This post is deleted!