Integrating On Prem Windows OS Server 2019-Lenovo Rack Mount Server HW



  • Can someone refer me to any pfSense docs or book literature that explains how to prepare pfSense OS for including an on-premise server running Windows OS 19 (will be using mostly for patch management/version control)...I assume I connect the server between my layer 3 Netgate firewall and my layer 2 Juniper EX series switches...any recommendations would be very much appreciated. We will also be obtaining a Synology NAS for our SMB to back up and restore cloud data locally for business continuity in times when the cloud is problematic or compromised.


  • Netgate Administrator

    It's unclear exactly how you intend to use Windows server here. I would normally expect it to be connected to a switch port like any other host, no special configuration required in pfSense unless you wanted to put it in another subnet perhaps so you could filter traffic to/from it specifically.
    The fact you are planning to connect it between the firewall and switches implies you will have multiple NICs in it and will use it for routing or filtering. Is that the case?

    Steve



  • @stephenw10

    So this is my first foray into working with an on-premise server and the objective for this Windows server machine is Active Directory and Configuration Manager - to do centralized patch management and version control of our users' workstations, which are both Windows OS and macOS devices. In addition to this rack mount server, I am getting a NAS server for on-prem file backup, restore, and immediate retrieval so as not to have sole reliance on upstream/downstream variables from Google Cloud Platform, as we are using the G Suite business app suite for all our company data operations. So, the Windows server is for user workstation maintenance and security and the NAS is for local file management. No routing and filtering planned for the Windows server, so I could just plug it into one of my switch ports as is?


  • Netgate Administrator

    Yes, that's what I would expect. Just connect the server and NAS to the switches.
    There may be other considerations like do you need redundancy? You might use dual connections to the switch to allow for more bandwidth or NIC/cable failure. That's common for a NAS.
    pfSense has no part in that though. The only way it would is if you wanted those servers in a different subnet so you could filter traffic between them and general clients. For an AD server though you probably don't as it's better to use that for DHCP, DNS etc and it needs to be in the same segment for that.

    Steve



  • @stephenw10

    Okay so I will work on link aggregation on the switch for the NAS...how many Ethernet link ports are usually used for a NAS? 2, 3, or 4? I suppose it depends on what I have available in the switch...I know this is no longer pfSense talk so I do appreciate very much the insight you are imparting...


  • Netgate Administrator

    Yup, pretty much depends on what is available on the switch and the NAS and what protocols each supports. It would be surprising if both didn't support LACP though. Also how the NAS is going to be used, there may be no advantage to using 4x Gigabit connections if clients are only transferring occasional large files for example.
    You could then add a 2 port lagg to pfSense for redundancy. But pretty soon you're looking at stacking switches etc. 😉
    You probably don't need that at this point.

    Steve

