Help with simple home config
-
What about just buying a new AP? The unifi stuff is really reasonable priced - the new AC line runs like $89 to 149.. They support vlans - they can use a controller (software) that you could run in a vm on your esxi host. That is what I do, or you could even use your raspberry pi for that.
ADSL based routers do have very limited 3rd party support.
Is there anyway to change out your current x1 nic in your host with a x2 or even x4?
-
What about just buying a new AP? The unifi stuff is really reasonable priced - the new AC line runs like $89 to 149.. They support vlans - they can use a controller (software) that you could run in a vm on your esxi host. That is what I do, or you could even use your raspberry pi for that.
ADSL based routers do have very limited 3rd party support.
Is there anyway to change out your current x1 nic in your host with a x2 or even x4?
I've just bought an APC ups and the netgear switch…at least at the moment I have to stick to the hardware I already have... and as I said, the ESXi host has all the PCI ports occupied, the intel NIC is already using the only PCI-e x1 port left, and the rest of them are being used by GPUs, RAID cards and USB3.0 cards for different VMs, so that's not an option.
I think using the Raspberry Pi 2 with open-WRT and a wifi dongle as wireless Access Point could be a good solution.
what would be the configuration in that case?
0/ internet -> 1/ ISP modem/router in bridge mode -> 2/ ESXi6/pfSense2.2.4VM **-> 3/**Netgear GS108E switch
->
4.1/ Asus DSL-N16U as wifi AP1 ;
4.2/ Raspberry Pi as wifi AP2;
->
5/ DEVICES: computers, laptops, smartphones… using the 2 different APsI have no budget left for this, at least until next year, that's why I'm trying to do it with only these resources.On the other hand, as I said, I'm talking about a small home LAN with no more than ten devices simulteneously (most of them my homework VMs) and only 10mb of DL speed.
PD: I have to say I have another computer with 3 NICs, but 2 of them are just fast ethernet PCI NICs, and I'd rather not using that computer as home router (all day on) because it uses much more energy than my actual ESXi host: they both are core i7, but one of them is an old core i7 860 with only 8gb RAM, 3 NICs (only one of them gigabit) and an old crappy PSU, and the other one is a new core i7 4790 with 32gb RAM, 2 gigabit NICs and a 80+gold certified PSU. They both are ESXi hosts in the same Sphere, but only the core i7 4790 is all day on, I only use the old core i7 860 computer for backups, testing etc…
Thanks again for your time and help, johnpoz
-
"I think using the Raspberry Pi 2 with open-WRT and a wifi dongle as wireless Access Point could be a good solution"
Yeah that would most likely suck as AP.. Those little dongles are not very good in range and xmit power.. I wouldn't waste any time doing that - just buy a REAL AP that has vlan support.. Your not talking 1,000's of dollars you can get a unifi 2.4 AP for $70.. Or the new AC lite for $89.. Why would you not go that route??
And why can you not replace the pci-e nic with a dual port nic? here is a dual port pci-e x1 slot card for $30
http://www.amazon.com/Crest-Gigabit-Ethernet-Network-SY-PEX24028/dp/B00965J4TS/
Here is driver for esxi 6 since it doesn't seem to natively support that Realtek Chipset 8111E
https://vibsdepot.v-front.de/wiki/index.php/Net55-r8168
This would allow you to do it without vlans since you would another physical port.. But best option would be a AP that supports vlans..
-
Confused with that statement by gjaltemba - pfsense is more than capable of running multiple dhcp servers as long as pfsense has an interface in that network be it physical or a vlan..
Agreed but pfSense is limited to one subnet per interface (physical or vlan). Correct?
Asuswrt gui gives the false impression that a Guest Network in AP mode will restrict access to your LAN but it does not.
So a no cost solution would be to define vlan in switch. Asuswrt gui does not support vlan but I am going to try with ssh and script.
I have a computer that could use a dual port pcie x1. Thanks for the link.
-
Agreed but pfSense is limited to one subnet per interface (physical or vlan). Correct?
In pfSense one physical interface can host multiple VLAN interfaces.
Example
Create VLAN 10, 20, and 30 on eth0
Assign OPT1 to VLAN 10 on eth0
Assign OPT2 to VLAN 20 on eth0
Assign OPT3 to VLAN 30 on eth0Create a switchport with tagged VLANs 10, 20, and 30 and patch it to eth0.
-
Sorry I meant that pfSense dhcp server is limited to one subnet per interface. Correct?
-
Yes. If that's insufficient use helpers and another DHCP server.
-
That IO CREST card it's the first dual PCI-E x1 NIC I've ever seen, I thought they were only available in PCI-E x4.
Anyway, I can't buy it from amazon spain, and the cheapest price I've found (buying it from spain) it's > 50€.
I can get an IBM PRO/1000 PT Dual Port PCI-E for 25€ with 1 year warantee, but I will have to sacrifice one of the PCI-E x16 ports I'm using, so I'll think about it. I've got an LSI card in passthrough for a NAS4free VM that is using just 3 sata HDDs in RAID Z1. If nas4free can use those same disks in RDM (Raw Device Mapping)
http://vm-help.com/esx40i/SATA_RDMs.php
without losing their data in ESXi, I will probably replace the HBA card for a dual NIC card, I have to see if that is possible, I've never used RDM disks in ZFS before.Confused with that statement by gjaltemba - pfsense is more than capable of running multiple dhcp servers as long as pfsense has an interface in that network be it physical or a vlan..
Asuswrt gui gives the false impression that a Guest Network in AP mode will restrict access to your LAN but it does not.
So a no cost solution would be to define vlan in switch. Asuswrt gui does not support vlan but I am going to try with ssh and script.
I don't understand what you mean, at least now in my Asus DSL-N16U the wifi guest networks (I can have 3 apart from the regular wifi) are isolated from each other and from the main LAN if I mark "Intranet Access". Or aren't they really isolated?. I can access this router through telnet, but no ssh access
Agreed but pfSense is limited to one subnet per interface (physical or vlan). Correct?
In pfSense one physical interface can host multiple VLAN interfaces.
Example
Create VLAN 10, 20, and 30 on eth0
Assign OPT1 to VLAN 10 on eth0
Assign OPT2 to VLAN 20 on eth0
Assign OPT3 to VLAN 30 on eth0Create a switchport with tagged VLANs 10, 20, and 30 and patch it to eth0.
this seems a no cost solution that would let me have two separate LANs.
I really apreciate all your help, guys..many different points of view always open new perspectives.
-
"this seems a no cost solution that would let me have two separate LANs."
?? Been talking about vlans as options since first post. But your AP has to support them if you want more than 1.. You could put the wifi on its own vlan if you want via just your switch and pfsense.. But that does not allow you to have say ssid Users on vlan 10 and ssid Guest on vlan 20 unless your AP support that..
But sure if you just want to isolate your AP to its own vlan - then sure create the vlan on pfsense, do the vlan on your switch and connect the AP to a port on switch in the wireless vlan..
As to the x1 nic - there are a few other options, that was just 1 found.. If you want to play with vlans - get a AP that supports them.. I know for sure you can get unifi AP pretty much every country..
http://www.amazon.es/UBNT-UniFi-Access-Point-Standard/dp/B00HYW94J0/
-
I wanted (I still want) to know which are my options. For example, using the switch I can have 2 LANs if I also use both routers behind it (The Asus and the old Xavi 7968 I mentioned before, or the Asus and the Raspberry Pi 2 etc…).
On the other hand, there's probably some option around here (in iptv or guests wifi) I could use
At the openWRT wiki there's a page for the Asus DSL-N16U where they talk about its VLANs:
-
Why are you asking for help with those devices here?
-
Those devices guest networks only work when they are the GATEWAY!!! If you had them NAT all traffic from that device no matter what ssid they were on or wired would still just like the wan IP of that device.
If you use it as AP and turn off its dhcp and connect it to your wired network that is on a pfsense network that is the network your clients will be on.. Be it your lan, or a vlan you setup on your switch and connect to pfsense.
If you WANT to have multiple vlans based upon SSID then you need a AP that supports doing that, switch that supports vlans and setup the vlans in pfsense..
It always confuses me when users have lots of hardware, lots of computer clients and then they balk at spending a couple more bucks to do something correctly.. Get an AP that supports vlans and your all set.. Its 70 euro in that link I provided, this seems very low cost if you add up all the other costs of hardware you have already spent money on and this is something you want to do.. Vs some wifi dongle in a raspberry pi as your AP???
-
You could put the wifi on its own vlan if you want via just your switch and pfsense.. But that does not allow you to have say ssid Users on vlan 10 and ssid Guest on vlan 20 unless your AP support that..
But sure if you just want to isolate your AP to its own vlan - then sure create the vlan on pfsense, do the vlan on your switch and connect the AP to a port on switch in the wireless vlan..
That's what I'm going to try, that works for me. And if I can repeat the same proccess twice (I create a 2nd vlan in pfSense, then I define that 2nd same vlan in the switch and I attach another device behind them) will let me have a 2nd vlan…but if it doesn't, It's not a problem at all, I can perfectly work with just one LAN
Why are you asking for help with those devices here?
well, I think it's a good site to ask&learn about many things related to pfsense (probably the best site in internet) and being my network and most of its devices managed by pfsense, I thought this forum could be a good place to learn from the experience of other pfsense users. Yours, for example, have been very helpful, pointing the way to config the vlans.
Confused with that statement by gjaltemba - pfsense is more than capable of running multiple dhcp servers as long as pfsense has an interface in that network be it physical or a vlan..
Asuswrt gui gives the false impression that a Guest Network in AP mode will restrict access to your LAN but it does not.
So a no cost solution would be to define vlan in switch. Asuswrt gui does not support vlan but I am going to try with ssh and script.
I still cant understand what you mean about guest networks.
Your suggestion of defining the vlans in the switch etc is what I'm going to try
But anyway, even having just one LAN, if I just can use the Asus DSL N16U as wifi Access Point without any isolation, that would work for me.