pfSense dual & segregated networks.



  • Hello, fellow pfSense community members! I have come to ask you some things about pfSense. (Obviously. Otherwise, would I be here?)

    The question I have is: how the heck do I make it to where nothing I do on my side of the network affects anything on my parents' side, all the while still being extremely secure? At current, I have a modem plugged into the wall, then a pfSense box plugged into that, which I use to split the network into two with a dual-port Ethernet NIC. One port goes to a wireless router for my parents' network and the other goes straight into my PC. My parents' network is "LAN", and my network is "OPT1". I have everything set up the same (with the exception of my firewall rules, which are intensely secure on OPT1). This is how my network is set up. Now come the problems/question(s).

    I would like to enable Snort on my pfSense box. I have everything set up correctly and securely on both WAN and OPT1, along with normal suppression settings allowing things such as normal internet traffic, games, and chat services such as TeamSpeak to go through. (Nothing on LAN, because I was afraid it would cause interference with their network.) Everything was working all fine and dandy until my father decides to be a casual and play on his PS4. (For the first time since Snort has been set up.) He starts chatting with his buddies and playing World of Tanks with them, and then all of a sudden he can't talk to them any more and my sister's tablet quits playing YouTube videos. My father then proceeds to rage and freak out because "the internet is garbage".

    How do I make it so that I can have optimal security, while leaving my parents network virtually untouched and allowing everything through?

    Thank you for your time in reading this.