Intentional Asymmetric Routing to a VLAN.
-
I was mostly using this as a learning experience. I have only been "pfSense-ing" for a couple of weeks.
The funny thing is if I connect to one of my main switch ports on the same VLAN (90) that is upstream of the AP itself, I can connect to the interface by IP.
In any case thanks again!
Phizix
-
Well yeah sure - your on its same network, no need for gateway or route ;)
see my edit - when you start to move away from toys, its time to move into real equipment that supports more sophisticated setups.. But there is a cost to doing that ;)
While many users love to use pfsense in their home setups, its is more than capable of being used in an enterprise - and supports enterprise sort of setups.. But to do that - you need equipment that also supports these more advanced features.
-
I plan after all this COVID-19 period to get a better AP for this, but for now the Guests get the older equipment - ;-)
Phizix
-
There are many reasonable priced AP that can do vlans, and more features.. Along with switches - a 40$ smart switch can do vlans.. So you can move into a more robust and secure and feature rich network without having to have enterprise budgets ;)
And for sure you can piece meal it, start small add this, and then that, and then upgrade.. Not like you have to spend $$$ to get the ball started ;) The big piece you have already done with moving to pfsense ;) And that is FREE ;) hehehe
When I first started upgrading my network not that long ago I was running pfsense as VM on esxi, on old n40L microserver - now it running on a $750 sg4860 for my home ;) hehe.. So yeah you can spend money - but it can be done cheap if need be.
-
@johnpoz said in Intentional Asymmetric Routing to a VLAN.:
There are many reasonable priced AP that can do vlans, and more features.. Along with switches
Avoid TP-Link on both. Some models don't do VLANs properly.
-
I have a 12 port 10G (each port) switch as my backbone and a 10 port (8-1G : 2-10G) switch as a remote switch in the bedroom. Both are NetGear ProSafe - they work great and are MUCH better than their consumer line. The trunk between them is LAGG {2x10G}.
My machine has a 10G Intel card and I am getting a 10G Intel card for my wife's computer and a non-Intel 10G (probably Aquantia chipset) card for the kids' computer.
The SG-5100 has a LAGG from two of the 1G ports to the backbone.
The one WAN is 400Mb/s and the other is 45Mb/s and is set to balance at 5:1.
Works really well.Phizix
-
Dude then your way ahead of me ;) You just need an AP to work with such speeds then.. And vlans!
Got you beat on wifi and wan speed atleast ;) And I am doing 2.5 (802.3bz) between my pc and nas atleast - hehehe
I have 500 down internet ;)
-
I have an Asus RT-AC88U as my non-Guest WiFi AP - 1G link to the backbone. Next year I am going to go to an AX router in AP mode for non-Guest.
My Synology NAS is on a 2x1G LAGG. And my two older NetGear NAS boxes (for backup) are on 1G links.
Cheers!
Phizix
