Setup cisco sg300-20 for pfsense



  • hi bro's,

    i just got my used cisco sg300-20 switch, what is the best configuration to the pfsense? here are my devices will be use 2 ipads, 2 mobile phone, 1 cctv recorder with 2 cameras, 1 brother printer, 2 desktop computers, 1 NAS and last a ruckus 7363 wireless AP .



  • Scenario 1:
    (pfSense has a LAN and DMZ zone)

    The WLAN AP is multi-SSID capable and is so getting two SSIDs each in his own VLAN
    VLAN20 - WLAN1 - SSID privat (internal usage) - 192.168.5.0/24 (255.255.255.0)
    Radius server and certificates and client isolation enabled
    VLAN30 - WLAN2 - SSID guests (external usage) - 192.168.6.0/24
    Captive Portal with vouchers and client isolation enabled
    VLAN40 - LAN - 192.168.7.0/24 - PCs, printer, NAS
    OpenLDAP on pfSense, a small Linux based RaspBerry PI 2.0 and SAMBA or on the NAS
    1 cctv recorder with 2 cameras in the DMZ and from outside you will be able to
    connect to them over a VPN connection.

    Scenario 2:
    (pfSense has only one LAN zone)

    VLAN20 - WLAN1 - SSID privat (internal usage) - 192.168.5.0/24 (255.255.255.0)
    Radius server and certificates and client isolation enabled
    VLAN30 - WLAN2 - SSID guests (external usage) - 192.168.6.0/24
    Captive Portal with vouchers and client isolation enabled
    VLAN40 - LAN1 - 192.168.7.0/24 - PC1
    OpenLDAP on pfSense, a small Linux based RaspBerry PI 2.0 and SAMBA or on the NAS
    VLAN50 - LAN2 - 192.168.8.0/24 - PC2
    OpenLDAP on pfSense, a small Linux based RaspBerry PI 2.0 and SAMBA or on the NAS
    VLAN60 - LAN3 - 192.168.9.0/24 - printer & NAS
    VLAN70 - TVCVR - 192.168.10.0/24 - 1 cctv recorder with 2 cameras
    Connect form outside

    Likes you want to go with both might be able to realize for you. I personally would go with the
    Scenario 2 that will be faster and more finely diced into isolated areas.



  • very thank for your reply, brother.


Log in to reply