Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Small network setup

    Scheduled Pinned Locked Moved Routing and Multi WAN
    18 Posts 5 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jahonixJ Offline
      jahonix
      last edited by

      Why do you put a router behind a router? Double NAT is not considered best practice.

      You will not be able to "discover" your HDD (assuming it's a NAS) as it resides in a different broadcast domain. You will be able to reach it via routing.

      1 Reply Last reply Reply Quote 0
      • C Offline
        ChefRayB
        last edited by

        Depends how the HDD is exposed.  I never required to do this but I believe you should have an interfac in your router/modem that you can setup how your HDD is accessible.  I think usually it's SAMBA.  ( It's years I don't do this )  You should have a tab with SAMBA, WORKGROUP, etc….

        Before you break your head to put rules and stuff, I would simply connect a computer directly to the modem/router, get the IP address from the ISP  and see if you can acess the HDD via \ISP IP Address\shared directory.  Does it work ?

        If that works, then in theory you should be able to access after pluging back the pfsense box and access it from your computer assuming you have the right routing rules....

        Someone more knowledgable should answer afterwards.

        1 Reply Last reply Reply Quote 0
        • ? Offline
          A Former User
          last edited by

          @jahonix:

          Why do you put a router behind a router?

          I honestly don't understand this. I only have one router in my setup. This router also is a modem, splitter, everything. So it does everything for me and I don't need another router. You know, sometimes your ISP gives you a modem and you need to bring your own third party router. In my case, my FritzBox! is the router and modem and everything else. Behind that router, I wanted to install my pfSense hardware firewall.
          And yes, I don't want double NAT and only one broadcast domain, therefore the switch and only one router in my network.

          @ChefRayB:

          Depends how the HDD is exposed.

          The HDD is exposed as a Samba share I guess. You plug it into your router and the router makes the hdd accessible via the network group, so you can find it under network settings with your computer.

          1 Reply Last reply Reply Quote 0
          • D Offline
            doktornotor Banned
            last edited by

            Huh, what? pfSense is routing and you have clearly not one but two routers there.

            1 Reply Last reply Reply Quote 0
            • ? Offline
              A Former User
              last edited by

              @doktornotor:

              Huh, what? pfSense is routing and you have clearly not one but two routers there.

              I mean yes, pfSense is routing, but the "real" routing is done by my modem which also is a router. So, yes I technically have two routers, but I only consider it as one since my router is also my modem and I can't leave it off. pfSense wouldn't work without it.

              1 Reply Last reply Reply Quote 0
              • D Offline
                doktornotor Banned
                last edited by

                OK, so pfSense is doing "unreal" routing…  ::)

                You can either bridge that Fritzbox thing, or have double NAT. Either way, putting some local file shares on your WAN is the exact opposite of normal setup.

                1 Reply Last reply Reply Quote 0
                • ? Offline
                  A Former User
                  last edited by

                  @doktornotor:

                  OK, so pfSense is doing "unreal" routing…  ::)

                  You can either bridge that Fritzbox thing, or have double NAT. Either way, putting some local file shares on your WAN is the exact opposite of normal setup.

                  I guess the term "routing" is posing an issue here :D Let me just say, my modem which also tends to be my router and which establishes my internet connection should only perform the latter. pfSense should do the main work, routing, encrypting, and so on. 
                  My only question was if I can "find" the shared external hard drive connected to my modem "in front of" my pfSense firewall ;)

                  1 Reply Last reply Reply Quote 0
                  • jahonixJ Offline
                    jahonix
                    last edited by

                    @layentara:

                    I guess the term "routing" is posing an issue here

                    it's not the term, it is this function.

                    @layentara:

                    pfSense should do the main work, routing, encrypting, and so on.

                    Is your "HDD" supposed to be available from public internet or just local?

                    @layentara:

                    My only question was if I can "find" the shared external hard drive connected to my modem "behind" my pfSense firewall

                    The answer didn't change:
                    You will not be able to "discover" your HDD as it resides in a different broadcast domain. You will be able to reach it via routing.

                    1 Reply Last reply Reply Quote 0
                    • ? Offline
                      A Former User
                      last edited by

                      @jahonix:

                      Is your "HDD" supposed to be available from public internet or just local?

                      Just local. I wanted to connect my hdd to pfSense, but I read that pfSense doesn't support sharing it on the network as a network drive. I also don't want connect it to my computer because it should run as a network attached storage. It's not a dedicated NAS, it's just a plain external hard drive with usb 3.0, but my Fritzbox has the ability to share it as a network drive.

                      @jahonix:

                      You will not be able to "discover" your HDD as it resides in a different broadcast domain. You will be able to reach it via routing.

                      .. and this sounds good =) How would I route to it?

                      1 Reply Last reply Reply Quote 0
                      • johnpozJ Online
                        johnpoz LAYER 8 Global Moderator
                        last edited by

                        So what network is on pfsense wan?  What network is on its lan?

                        So your HDD your sharing off your edge router.  What protocol are you want to use to access this HDD, windows file sharing? (SMB).  Some web gui?  Just hit the disk via its IP, or most likely your edge routers IP that is sharing the HDD content..

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                        1 Reply Last reply Reply Quote 0
                        • ? Offline
                          A Former User
                          last edited by

                          @johnpoz:

                          So what network is on pfsense wan?  What network is on its lan?

                          So your HDD your sharing off your edge router.  What protocol are you want to use to access this HDD, windows file sharing? (SMB).  Some web gui?  Just hit the disk via its IP, or most likely your edge routers IP that is sharing the HDD content..

                          Actually, I haven't built anything up yet, so I don't know yet. Will do it next weekend when I have all my parts. I can only tell you that the LAN port (of the mainboard) of the pfSense box will be connected to the LAN port of my edge modem and the LAN port of the NIC of the pfSense box will be connected to the switch.

                          I want to access the HDD via the Explorer, so no ftp client or other tools. Just a folder / shortcut to the HDD on my desktop. So this means, I have to tell pfSense the IP of my edge router? Is this a new routing rule?

                          1 Reply Last reply Reply Quote 0
                          • jahonixJ Offline
                            jahonix
                            last edited by

                            layentara, may I propose that for your HDD you just buy something like:

                            • QNAP  TS-128 or TS-131P or HS-251+
                            • Synology  DS-115j or DS-116
                            • Pogoplug  …
                            • ...
                              and connect it to your switch where your computer(s), printer, AP, ... hang off as well. Nothing else makes sense in your case. Just forget about the USB port on those Fritz!Dings and be fine. Honestly, really!
                            1 Reply Last reply Reply Quote 0
                            • ? Offline
                              A Former User
                              last edited by

                              @jahonix:

                              and connect it to your switch where your computer(s), printer, AP, … hang off as well. Nothing else makes sense in your case. Just forget about the USB port on those Fritz!Dings and be fine. Honestly, really!

                              Thanks for your suggestion, jahonix. Indeed, I was also thinking about that. The only problem is that I had to invest more money if I would go this way. By selling the 2nd router and some other things, I would have made enough money to buy the switch and LAN cables, so 0 investment for me.
                              By going the NAS way, I had to buy the NAS itself and a hdd that would cost me around 200€.
                              I was thinking about getting a rp3, but that thing doesn't support usb 3.0.
                              So yeah.. I have to think about it again and try to find my own solution. Thank you anyways, guys!

                              1 Reply Last reply Reply Quote 0
                              • jahonixJ Offline
                                jahonix
                                last edited by

                                @layentara:

                                …getting a rp3, but that thing doesn't support usb 3.0.

                                So you think that routing packets to another subnet makes accessing your data on the HDD faster?
                                If you are somewhat serious about speed then go for a NAS placed within your PC's broadcast domain.

                                BTW: the Fritz!things aren't exactly known for speed when accessing file shares…

                                1 Reply Last reply Reply Quote 0
                                • johnpozJ Online
                                  johnpoz LAYER 8 Global Moderator
                                  last edited by

                                  Yeah I second jahonix here - there is Zero reason that it makes sense to share a disk your network needs on the wan side.. Share it on the lan side so your on the same L2..

                                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                                  If you get confused: Listen to the Music Play
                                  Please don't Chat/PM me for help, unless mod related
                                  SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                                  1 Reply Last reply Reply Quote 0
                                  • ? Offline
                                    A Former User
                                    last edited by

                                    @jahonix:

                                    So you think that routing packets to another subnet makes accessing your data on the HDD faster?

                                    That wasn't my intention. I wanted to get that rp3, use it as a NAS in the same network domain as my computer and connect my HHD to it. But it doesn't support usb 3.0, therefore it's not an option. I will go for a dedicated NAS device now.

                                    1 Reply Last reply Reply Quote 0
                                    • C Offline
                                      ChefRayB
                                      last edited by

                                      if you were thinking rp3, then you can perhaps consider ODROID XU4, linux supported, usb 3.0 supported

                                      I personally have Synology DS415+ (4 bay, 2 lan) and I think it's an overkill for a home network of few people and perhaps 2-3 simultaneous streams…  It takes too much space, consumed easily between 15-30watts  and the memory/cpu rarely goes high.  I should have went with a 2 bay and just put bigger drives in mirror mode and save space under my TV cabinet...

                                      With a Synology NAS, you can access the data via SMB, NFS, Plex, DLNA/UPnP, FTP.

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.