Hardware for using pfsense as a managed switch?
-
We are replacing expensive company Internet lines with low cost residential VDSL lines, plus adding …
What the hell does this have to do with "using pfsense as a managed switch"? Create a new thread for your topic.
-
Hi all.
Thanks for all the thoughts. This just goes to show how inexperienced i am that i even asked the question. I like tinkering and i figured that if i could find something with 4 to 8 ethernet ports i could load an OS on it and away i go. Guess such hardware isn't available the way this sounds.
Anyway, my origional question was answered. I baught the (TL-SG108E) before reading this so will work with it and see if i run into issues. Someone mentioned a possible vlan issue with this unit. Could you elaborate? Do vlans not work at all? or just certain types?
I'm new with vlans so will probably struggle a bit once i get this configured but that's fine, i like a good challenge.
As for the cli, I am familiar with junos, but nothing much else. I'd love to buy a junipor switch but they're to expensive for what i'm doing.
Curious, does pfsense have a good cli? The one time i logged in via ssh i didn't see one but i may have missed something.Thanks again for all the help.
-
250-post thread here:
https://forum.pfsense.org/index.php?topic=76022.0
-
I'd prefer working in the CLI too. Most times I go the CLI route even if a GUI is available.
Ditto. I've found most easy to get around in. If you're familiar with the cli in a Cisco switch it's hardly a jump at all to manage a Dell switch, for example. They're that close.
-
For some little edge switch, I really don't care as long as the web interface actually does what you tell it to do. A proper management VLAN capability for the web interface is also nice.
CLI all the way for real work.
-
as long as the web interface actually does what you tell it to do
And just as important is that it's clear that what you think you're doing is what you're actually doing. I've never really dealt with the web interface in a fully managed switch, always used the CLI, but in the "prosumer" (I hate that term, but it actually seems applicable here) realm the hardest part IMO (for someone otherwise comfortable managing a switch) is that translating what the interface says to what is actually happening can be less than intuitive. Obviously it's not rocket science, but I don't fault anyone for not initially realizing that "PVID" = "native VLAN" for example.
-
Right - and that is specifically one of the areas the switch in question falls on its face - the PVID.
-
Right - and that is specifically one of the areas the switch in question falls on its face - the PVID.
I know. I have two of them. They'll get replaced pretty soon but it's mostly because I need more ports. For my uses they've actually been fine, and the PVID issue that has been discussed extensively is largely academic for me in my home environment.
-
I baught the (TL-SG108E) before reading this so will work with it and see if i run into issues. Someone mentioned a possible vlan issue with this unit. Could you elaborate? Do vlans not work at all? or just certain types?
I use 2 of these at home right now and the PVID issue aside, they work fine.
In a nutshell, the issue is that no matter how you assign VLANs, VLAN1 is always available on any given port and that leads right to the management IP. That's a big no-no for the office, but in real world home use, it won't affect how the switch actually works with VLANs. If you already have it, use it. It's fine for home use. All the VLAN stuff that you would want with pfSense will work.
-
I use 2 of these at home right now and the PVID issue aside, they work fine.
In a nutshell, the issue is that no matter how you assign VLANs, VLAN1 is always available on any given port and that leads right to the management IP. That's a big no-no for the office, but in real world home use, it won't affect how the switch actually works with VLANs. If you already have it, use it. It's fine for home use. All the VLAN stuff that you would want with pfSense will work.
Thanks for the explanation.
For me here, having access to vlan 1 isn't a problem, I get why you say it would be a problem in larger office networks though, although, if i was working on such a network i'd not use home equipment at all which kind of takes care of that. -
"if i was working on such a network i'd not use home equipment at all which kind of takes care of that."
You would be surprised on the VAST amount of "home" line equipment you find in a "office"… It really just blows my mind... You see an office running some linksys home router for their wifi and or even internet connection router/firewall.. Cheap dumb switches all over the place, etc.
To be honest the tp-link even with its horrific vlan 1 issue and the errors they show on tagged traffic in their counters, etc. Would be a major upgrade for some "offices" I have seen over the years ;)
I picked up one of these tplinks awhile back - saw it on sale, and lots of thread here it comes up. So wanted want to play with to be able to validate what people were saying/asking/etc I think I got the 8 porter for like $25 to the door.. Its sitting on the floor in my computer room with a few pi's connected to it, and the smarthub for my garage door connected in the iot vlan while the pi's are in the dmz vlan.. I have zero worries about someone plugging into a port and getting to the management of the switch.. So yeah as others have said for such a use, its CHEAP and you can tag vlans with it..
But if you have a few extra bucks to spend there are far better options... Next on my list of play switches that I have been seeing lots of questions on (mostly other forums) is the zyxel 1900 line, which is very reasonable priced.. And has way more of a feature set than bottom of the line tp-link switches. I hear the "business" line is way better, etc.
-
Curious, does pfsense have a good cli?
It has a shell, yes. If you log in (ssh) with "root" (using the same password you use for "admin" in the GUI) you'll get, by default, a menu. Option 8 (IIRC) will get you a shell. I don't believe there's a CLI as such specifically for managing pfSense, but in the shell you can do whatever you would in FreeBSD.
-
We are replacing expensive company Internet lines with low cost residential VDSL lines, plus adding …
What the hell does this have to do with "using pfsense as a managed switch"? Create a new thread for your topic.
Because I am asking for an recomendation on a switch as in the thread discussed. Just not on the LAN side, but on the WAN side.
