Best way to allow another network access to a server.
-
You don't really need a vpn unless your worried about someone sniff the traffic over the PTP..
Just connect your p2p network as transit network between your houses..
Lets say your using transit network of 172.168.0.0/30 with pfsense H1 having .1 and H2 having .2
Just create a gateway on pfsense pointing to the network on the other side 192.168.X on each pfsense.. Create any firewall rules you want on the interface you connect your p2p on pfsense.
-
That was what I was looking for, I'd never done this before. Thanks.
-
When you create the gateway make sure your not using it as default. And then you would create your route via that gateway in your static route section. You also want to make sure pfsense is not natting the connections out these gateways you create..
So does your pfsense have other interfaces you could use, or are you going to have to do this over a vlan to pfsense lan interface?
Pretty slick to be honest. So how far away are these houses? And how fast is the connection? Once you have this sort of connection setup you could even leverage this ptp so that if internet went down at house 1 it could leverage house 2 internet ;)
What specific unifi gear you using - cost of it if you don't mind.. Curious minds and all ;) hehehehe
-
As a side note: make sure that local networks of building #1 and #2 differ otherwise routing between them is a problem.
-
What would be the best way to give House 2 network access to just the Surveillance and File Servers on the House 1 network as shown in diagram?
This is pending on some more information given by you.
WAN Speed?
Router or Firewall VPN capabilities?
Distance between the houses and other buildings in that region?In normal I would say there are also some ways you could try to go;
- VPN if the houses are not neighbours or on neighbours ground
- But if so, you could try out setting up a LWL cable (fibre) from one to the other network
- encrypted WLAN and on the one side with the servers a VLAN with both of them inside
Just access to the servers, nothing else,
Give them only access to a VLAN where that both devices are stored in
and work with Switch ACLs and/or Firewall rules like you are able to do.using existing Ubiquity PNP hardware.
Would you please so friendly and tell us first what UBNT hardware you own and what this
hardware has also to do too! Or in short what UBNT hardware is there in usage?Basically put a cable between the two HP Switches…
But then please use a fibre cable to hold the electric grounding not that the potential equalization
will be broken between this houses.That was what I was looking for, I'd never done this before. Thanks.
And how many space is there between this houses? Sight contact or not?
Ubiquiti NanoBeam M5 NBE-M5-16 - 2 -device-pack or
Ubiquiti NanoBeam M5 NBE-M5-16 - 2 -device-packOn each side a VLAN with only the PtP devices and on the side with the servers one more
VLAN for that two devices. Contact allowed only for the VLANs where the two servers are inside. -
When you create the gateway make sure your not using it as default. And then you would create your route via that gateway in your static route section. You also want to make sure pfsense is not natting the connections out these gateways you create..
So does your pfsense have other interfaces you could use, or are you going to have to do this over a vlan to pfsense lan interface?
Pretty slick to be honest. So how far away are these houses? And how fast is the connection? Once you have this sort of connection setup you could even leverage this ptp so that if internet went down at house 1 it could leverage house 2 internet ;)
What specific unifi gear you using - cost of it if you don't mind.. Curious minds and all ;) hehehehe
Nanostation M5 with a Rocket M5/omni antenna. Parts are available on amazon.
Here are views from the cameras. White house at Top of the "North" camera is House 2, the bottom right "South weather camera" is at House 2 looking back at House 1. http://crowderfarm.com/Web_Cams.php Built this setup so I can see the livestock from work. CMS is Blue Iris Software.
I'm going to attempt linking the network this week, as I get time, I am sure I will have questions. Attachments show the band width. I am planing on replacing the radios with a RocketAC (R5AC-LITE) and Ubiquiti Nanobeam NBE-5AC-16 for more bandwidth.
Thanks,
Bill
-
These average 13Mbps traffic consist of how many camera streams?
-
These average 13Mbps traffic consist of how many camera streams?
2 currently, will be adding another which will result in approx 19Mbps consistently. This is usually controlled by the camera settings, I tend to set 1080p cameras to a constant bit rate of 6144/sec.
-
What's your viewing intention?
Surveillance should be good with 2-3 Mbps at 1080p but depends on encoder quality. 10Mbps would be broadcast quality.
Just returned from a stadium where we installed approx. 50 IP cameras for police surveillance. Gameday today so I was stand-by on site. -
What's your viewing intention?
Surveillance should be good with 2-3 Mbps at 1080p but depends on encoder quality. 10Mbps would be broadcast quality.
Just returned from a stadium where we installed approx. 50 IP cameras for police surveillance. Gameday today so I was stand-by on site.I maintain a network of 50 times 50+ cameras, "regulations" control my bit-rate and frame rate and network, not allowed to give an actual number. https://www.frenchlick.com/ At home for clarity of image there is a huge difference between 3Mps and 6Mps. I understand you point, but storage is cheap. :)
-
for clarity of image there is a huge difference between 3Mps and 6Mps.
Absolutely.
That's why I asked what you want to see.The resort looks nice.