Setup cisco sg300-20 for pfsense
-
hi bro's,
i just got my used cisco sg300-20 switch, what is the best configuration to the pfsense? here are my devices will be use 2 ipads, 2 mobile phone, 1 cctv recorder with 2 cameras, 1 brother printer, 2 desktop computers, 1 NAS and last a ruckus 7363 wireless AP .
-
Scenario 1:
(pfSense has a LAN and DMZ zone)The WLAN AP is multi-SSID capable and is so getting two SSIDs each in his own VLAN
VLAN20 - WLAN1 - SSID privat (internal usage) - 192.168.5.0/24 (255.255.255.0)
Radius server and certificates and client isolation enabled
VLAN30 - WLAN2 - SSID guests (external usage) - 192.168.6.0/24
Captive Portal with vouchers and client isolation enabled
VLAN40 - LAN - 192.168.7.0/24 - PCs, printer, NAS
OpenLDAP on pfSense, a small Linux based RaspBerry PI 2.0 and SAMBA or on the NAS
1 cctv recorder with 2 cameras in the DMZ and from outside you will be able to
connect to them over a VPN connection.Scenario 2:
(pfSense has only one LAN zone)VLAN20 - WLAN1 - SSID privat (internal usage) - 192.168.5.0/24 (255.255.255.0)
Radius server and certificates and client isolation enabled
VLAN30 - WLAN2 - SSID guests (external usage) - 192.168.6.0/24
Captive Portal with vouchers and client isolation enabled
VLAN40 - LAN1 - 192.168.7.0/24 - PC1
OpenLDAP on pfSense, a small Linux based RaspBerry PI 2.0 and SAMBA or on the NAS
VLAN50 - LAN2 - 192.168.8.0/24 - PC2
OpenLDAP on pfSense, a small Linux based RaspBerry PI 2.0 and SAMBA or on the NAS
VLAN60 - LAN3 - 192.168.9.0/24 - printer & NAS
VLAN70 - TVCVR - 192.168.10.0/24 - 1 cctv recorder with 2 cameras
Connect form outsideLikes you want to go with both might be able to realize for you. I personally would go with the
Scenario 2 that will be faster and more finely diced into isolated areas. -
very thank for your reply, brother.