Moving – Want to protect myself and my roommates with pfSense
I've been poking around a bit on reddit and some other places. At this point, I need to start figuring out pfSense specifically. At the recommendation of others, I know pfSense is a good tool for the job, but I don't know much besides that.
For reference, here's the gear I currently have to work with:
So, I'd like to set up pfSense going through my VPN provider, Private Internet Access. My ISP will be Cox, and we should be getting a 300Mb/s Down, 30Mb/s Up profile. The ASUS router has much too weak of a processor to run through PIA even though I have flashed the firmware to a more versatile one that allows VPN forwarding.
Regarding the VPN forwarding, I understand it's possible to put "most" of our in/out traffic through the VM and leave "some" of our traffic going out into the ordinary internet. If at all possbile, I'd like to have our video games use the open internet for the sake of minimal latency. Are there any elegant solutions for this? Ones that would require the least tinkering when we decide to try a new game or whatever else.
I'd also like to set up a NAS on the LAN, this is originally what I bought the Supermicro board for. I am not opposed to doing virtualization, but the little bit of playing with hypervisors has been a bit of a headache. I couldn't get gaming VMs running on Ovirt, I think I tried one or two other hypervisors besides Ovirt, but none of the documentation I was referencing (that people pointed me to) seemed to apply to the versions I was working with… I did eventually get gaming VMs working (on another project, on different hardware) in Antergos.
I see that pfSense offers their own hardware (and I've heard they even use the Supermicro board I have), does it make fiscal sense to purchase a pfSense router from them? Do any of the cheaper models support my expected Down/Up speeds? Are there some strange limitations to these cheaper devices?
For whatever it's worth: on the network, we'll likely have about six desktops connected via ethernet, and at most six devices connected via wifi at normal times. Oh, and the NAS.
And a weird question: We live in South Louisiana right next to a river. Would the either the attic, a poorly insulated utility room, or a detached shed be a suitable place for any of this equipment? A lot of them can be run fanless, but I'm a little nervous about putting several 24/7 hard drives in an enclosure without circulation… but I would like to keep that noise out of our living space if at all possible. I totally can put consideration into quietly cooling the NAS, but just getting it out of the way would be an easy solution if it's not a harmful one.
Edit: Sorry, I wrote all this out and didn't exactly format this as a question...
I'm wondering what the ideal way of setting up pfSense in this situation is. Ideally, within a week or so we'll be having our internet connection installed and I'd like to try to get a pfSense router up and running on my current connection so I can just drop it in at the new place and we can be safely connected ASAP.
Attics get very hot in the summertime. Temperatures well over 160*F, this is way over the recommended operating temperature for Industrial grade equipment. It will not work
Definitely not in the attic. Put it in the utility room or on a shelf in the closet if you must.
Install pfSense. Set a port as WAN and one as LAN on the pfSense box.
Connect your switch to pfSense LAN port.
Then connect your RT-66N to the switch so it is an extension of the same LAN. You will plug your cable into a LAN port on the RT-66N and turn off the DHCP server on the RT-66N. The pfSense box will be the only DHCP server for your install issuing an ip to all clients connected via cable to the switch or via WIFI through the RT-66N. See:
Plug the NAS into the switch with all your other clients.
To set up PIA VPN see:
That should get in the ballpark.