Is a sg-3100 what I need?
-
I have a basic understanding of networking and not certain the 3100 is what I need. I’m looking to segregate my home network isolating 1 “work” pc that requires dhcp. It only needs internet access and nothing else, but it requires vpn connectivity to an external target.
Currently I have the inside int of the modem to a Linksys wireless mesh(single internal port also serving dhcp I assume with some type of PAT). This is hooked into a 8 port unmanaged switch serving multiple home computers and one work computer.
What I would like to have is inside int of the modem hooked to a 3100. 3100 opt1 port connected to work computer only. LAN port from the 3100 hooked to a 24 port unmanaged switch. The switch serving the linksys wireless and multiple other computers.
My question is can the opt1 port serve a separate dhcp scope than the lan ports? Can it handle 2 dhcp scopes at all? I believe I could go another route and just use a managed switch, but I still need something serving addresses via dhcp and I like the idea of having a pfsense firewall in a small form factor appliance.
I read through the guide and noticed dhcp could be configured on opt1, but it didnt speak to the lan ports or any type of pat/nat(regardless i never understood the claim of “nat” on soho wap since its not a 1 to 1 translation of ips)
Any help would be appreciated.
-
Yes you can have one DHCP Server per LAN/OPT interface with no problem.
If you only need 3 ports in total check out the SG-1100: https://store.netgate.com/pfSense/SG-1100.aspx-Rico
-
Appreciate your response. 3 ports is really only what I need right now. I had noticed the 1100, but wasn’t sure if there would also be a performance decrease. If the 3100 vs the 1100 was simply an increase in port count then the 1100 may be the model for me. Sincerely appreciate your response.
-
The difference from a SG-1100 to the SG-3100 will be the supported speeds, What is your WAN/Internet connection speed.
-
Well both can do 1 Gbps throughput.
Sure if you want to run lots of additional packages the SG-3100 would be a better choice.-Rico
-
@syl said in Is a sg-3100 what I need?:
hooked to a 24 port unmanaged switch
Who and the F makes a 24 dumb switch?? Never heard of such a thing.. Biggest dumb switch I have ever seen is 16 ports.
Oh looks like trendnet makes one - what a F'ing waste ;)
Oh looks like netgear does as well - who would be in the market for these? Wow... Do yourself a favor and get a "smart" version.. Get one off ebay or something if you have budget constraints.
-
HPE OfficeConnect 1420 24G
-Rico
-
Internet speeds are like 250Mbs here so sounds like either the 1100 or the 3100 would work.
As far as the unmanaged switch it’s simply a cost factor for me. I do not need anything other than a “splitter” to multiple devices basically. More than likely most of the ports would be inactive, but my house has about 18 drops in various rooms that I would just rather have connected.
I’m not a networking guy so it’s possible I’m mixing up the terms. Amazon has numerous 24 port unmanaged switches..
-
And then tmrw your going to want to isolate X from Y, etc.
I can understand a budget issues - find yourself a nice "smart" switch off ebay for your budget.. You can for sure just use it as dumb switch today... But tmrw when you need to create a vlan you will be able to.
-
@johnpoz Yeah, I thought about that. I was just trying to cut cost. I need a new tv, an Apple TV, a generac to power my house as I have numerous outages, my kid needs braces, etc..etc..etc..etc
-
We all know budgets... We Get it... But really just find a smart one of ebay if you have to save a few bucks..
I would love to have 10ge everywhere - but "budget" doesn't allow :( But just because you need "ports" doesn't mean you should get dumb ports. If your moving into the power of a real router like pfsense, at some not too future point your going to wish you had spend the couple of extra bucks and gotten a smart switch.
-
@johnpoz I’ll give it a look. I really just have that one device I need to isolate though. The only reason I’m even doing that is because that is a dedicated work machine. I can’t think of any reason I would isolate anything else.
Crap... ok.. you’re starting to convince me..
-
If a geek gets a vlan capable router, he's going to want a vlan capable switch.
-
So you have all these devices - are any of them IOT? Do you really trust them? You have anything that floods the network with multicast - pretty much any off the shelf soho shit ;) etc. etc.
-
Not really. Most devices run off wireless. Cabled I have 2 pcs for home .. a printer.. and the one work computer i want isolated. I also have a steam appliance, a smart home hub(homeseer) and prob a few other odds and ends. I was already debating buying a managed switch however. But it was 200 more than a non managed one.
-
I had to look up IOT and I’m not certain really. The only unusual thing i have going on is the smart home and I don’t like the fact that the amazon echo has to go out to the internet to talk to my internal hub sitting 20’ from it. I have various light switches all connected to homeseer that is controlled via Alexa.
-
I will prob end up with the managed switch route. You guys are right in that I don’t really have a need for it now(that I’m aware of at least), but I might as well fork over the cash than having to buy one in the future. I was holding out as I figured if i installed cameras too then I would need a separate more expensive switch supporting POE. All of my smart home devices are wireless at this time except the hub and echo. I just can;t think of anything I would want to isolate other than that one computer since all the other devices are isolated to some degree being served over WiFi. Obviously I’m not a network admin however..
-
For $200 (US?) total I expect to be able to get a pretty decent 24 port managed switch second hand. Maybe even with PoE.
What you probably will get with that though is higher power consumption. But you'd probably have to run a new switch for decades to make that back.
5mins on ebay brings up stuff that.... I'm actually considering buying.
Steve
-
For $200 you could get a cisco sg350.. 28 ports.. Its on amazon for like $180 currently NEW!
On ebay your in the $50 budget for 24 port smart switch, etc.
If all your devices are wireless - WTF you need a 24 port switch for? ;)
If your going to put in lots of cameras and multiple AP then ok poe switch might make sense... But if your talking a handful of them, then you can just use poe injectors.. Especially if your on a budget - because poe switches going to cost you more.
BTW - now as stated that you have a vlan capable router, your going to want vlan capable switch - and goes along with that vlan capable APs ;)
-
@johnpoz said in Is a sg-3100 what I need?:
BTW - now as stated that you have a vlan capable router, your going to want vlan capable switch - and goes along with that vlan capable APs ;)
Ha. It's a slippery slope!
Not in any way vouching for this device or seller but I'm told I'm not allowed to buy any more second hand switches so...
Steve
