2-NIC box with pfSense + L3 switch
-
I’m a beginner in networking and have been experimenting with a pfSense installation on an old computer. I now need to get a more permanent solution.
Some basic requirements:
• Throughput is not too important. This will not be used for a VPN and the internet connection here is slow and will be slow for years to come.
• Low power consumption.
• Quiet operation, passively cooled would be ideal.
• 4 NIC ports minimum to connect to WAN and three separate LAN networks.
• Has to be new equipment.The pfSense partners in Europe are selling the Netgate SG-3100 for about EUR 500 including tax and delivery. As an alternative, I am considering a Shuttle mini PC with 2 Intel NICS for about EUR 200.
I’m a total beginner in networking, and have only vague idea about this, but is there a way to configure pfSense to use one of the Shuttle’s on-board NICs as WAN and then connect a layer-3 switch to the second NIC? Would this be possible and still enable me to keep all three LANs separate?
I’d like to get some feedback on whether this type of a setup with a layer-3 switch could be set up with the pfSense software. Would this setup be overly complicated for a beginner?
-
Yes, but it doesn't need to be a layer 3 switch. Any managed switch that can do VLANs will work there.
Just create VLAN interfaces in pfSense, trunk them to the switch via one Ethernet link and configure the switch to have ports in VLANs as appropriate.Steve
-
Is there a way to configure this without specifically using VLANs?
This is an exploratory project and at the present time, each of the three LANs would only contain one computer. There would be no downstream devices other than a computer. So the setup would look like this:
Is there a way that I could configure pfSense to treat Port 2, Port 3, and Port 4 of the switch as separate networks (each containing only one computer) without using VLANs?
I'm not too familiar with VLANs, but it makes sense that VLANs could be used for this functionality; however, would VLANs have to be used for a simple setup as shown above?
-
@pf-beginner Have you considered a PC Engines APU4D4? That would give you the 4 ports you want, meets your other criteria, and should be around €200.
-
As mentioned you do not need a L3 switch to do what your asking.
You could get a 5 port smart switch that does vlans for like $35-40
example
https://www.amazon.com/dp/B08MV9315K/ref=twister_B08VL4DQPT?_encoding=UTF8&th=1
$30For your setup - get a netgate sg-1100, and 5-8 port smart switch..
-
@pf-beginner said in 2-NIC box with pfSense + L3 switch:
Is there a way that I could configure pfSense to treat Port 2, Port 3, and Port 4 of the switch as separate networks (each containing only one computer) without using VLANs?
No. Or at least not any way I would consider reasonable.
You need 3 VLANs on the link between pfSense and the switch to segregate the 3 networks sharing the same cable.
It's not complex though. The simplest VLAN capable switch could do it.
Steve