use existing router, put it in switch mode, or use a stand alone switch and router as WAP?

General pfSense Questions
Log in to reply
  • I

    I have to order a 2nd NIC and an SSD but as soon as I get it'll be throwing them into an older desktop I have lying around to make my pfSense server. After I build it figure I have a few options and I'm not sure which is the most ideal.

    I currently have a TP-Link Archer C7 AC1750 router with OpenWRT on it and I have some spare D-Link 8 port switches. At minimum I want pfSense as FW with IDS/IPS, DNS over TLS, and pfBlockerNG.

    With that said, I figure these are my options:

    1. cable modem > pfSense as just FW > existing router as DHCP server and WAP > wireless and wired clients
    2. cable modem > pfSense as FW and DHCP server > existing router as switch and WAP > wireless and wired clients
    3. cable modem > pfSense as FW and DHCP server > 8 port switch > wired clients and existing router as just a WAP for wireless clients

    Thoughts?

    0
  • KOM

    3 is the preferred method.

    0
  • stephenw10
    Netgate Administrator

    Separate access point is usually better device and allows you to position it far better for coverage.

    If the coverage is good enough and you have such a device already though try option 2.

    Steve

    0
  • I

    Thanks guys. I think I'm gonna get a 4 port LAN PCI card and then will use the current router as just WAP and eventually replace it with just a simple WAP.

    0
  • johnpoz
    LAYER 8 Global Moderator

    While yes you could use your old wifi router as just switch and your AP.. 4th method you didn't list which is the "best" way would be

    cable modem > pfSense as FW and DHCP server > 8 port smart switch > wired clients and AP with vlan support

    And then sure pfsense with multiple interfaces is always a plus, and even more ports on your switch allows for multiple uplinks for different "vlans" so your not sharing physical interface..

    And yes as mentioned already - multiple AP that all support vlans is even better.. I have 3 unifi AP in my small home.. Allows for great coverage everywhere!

    All comes down to what your budget allows you to get ;)

    0
  • I

    I am actually thinking of getting a 4 port NIC. I just need to find a good one that is less than 50 bux. I am reading the i340-T4 or i350-T4 but it looks like the cheap ones on eBay are from China.

    0
  • stephenw10
    Netgate Administrator

    Are you planning to use the 4 port NIC instead of the switch?

    Whilst that is somewhat possible an actual switch is far better.

    Steve

    I 1 Reply 0
  • I

    @stephenw10 Well I was thinking of it but now I realize I can't. My MB does not have a x4 port and I cannot use the x16 for anything other than video (older MB). So I need to find a good x1 NIC and from what I can tell those only come with 1 port.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy