noob of noobs to pfsense cconfiguration and integration
-
Hello all; I am a noob of noob. I have been watching on youtube various videos relating to choosing, installing and configuring pfsense. I live in a very old house in Italy. The house is built in stone and concrete and it has 3 floors. Although i remodelled some of the house infrastructure I have no way of running cables.
At the moment I have 2 servers running freenas and one of the servers is based on a consumer pc architecture. Currently the whole house is connected via gigabit powerline connected to simple switches and it all works well. Currently I have an asus rt ac87u as a router that is sitting in the living room. It currently provides me with my wifi needs.
So because i have too much time on my hands I decided to have a more robust and flexible router. (I have IOT remote users such as my daughter who lives in the UK and freinds in canada.
So I buy a dell r710 because it has 4 lan ports. Yes it is an overkill but I will replace it next spring with an R610. I receive my internet service from EOLO (which transmit via radio waves and I receive the signal via a dish that connects to a eolo box (which is a small brick that has the satellite feed in and the out goes to my current router in the living room.
My next step Is to install all IT equipment in a rack and move it to the loft.
I will move the internet feed from the living room to the loft.So now pfsense will be in the loft which will to a managed switch which will have direct connection to the server environment. Then I plan going from the switch to a powerline connection which will connect all my pcs in my house fine.
Finally my question:
since to use my current router as an AP (I read that this is possible)Can I leave the current router in the living room and have it fed by a powerline and still act as an AP?
I fear that moving it to the loft i will not have sufficient band strength to feed my guests and I when we are on the ground floor or outside in the yard.
Thank you for taking the time to read this and responding
-
Hi,
If your question is what your Asus router AP is capable of : I don't know.
You could :
pfSense <=> [some AP] < over the air > {ASUS AP] < Wifi >pfSense offers good Internet coverage - but it stops at it's LAN NIC.
After that, you could uses AP's all over the place using some mesh type of network. But cables and switches will garantuee decades of "no hands neither brain needed".Personally, even if it's a bunker, I would drill holes as cables are a live time solution. Not your live, the building's live ^^
-
Thank you for taking the time to read all my blurb
the point is i do not want to drill holes and channels to wire the house,, nor do i want to see airborne or floating wires. In the youtube videos i see that by putting the asus ac87u in a bridge mode and turning the its dhcp off i could use the ac87u as an AP.
my lack of knowledge makes me confused and ignorant on how i should connect the asus. In my opinion i would connect the wan port on my asus to the power-line adaptor who intern connect to a port on my manged switch. this would be step one.
now to configure pfsense on my dell r710 which has 4 port NIC
One port I will use for wan
one port I will use for lan IP 192.168.1.1
one port for IOT lan IP 192.168.20.1This i understand. with proper rules all who are on 192.168.1.1 will access all devices but all devices that are on 192.168.20.1 will not have access to 192.168.1.1 devices... Great
do i need to assign a different port for the wifi or do i create a vlan and assign an IP to the vlan such as 175.168.10.1
Do i need to connect an additional port of the r710 to the managed switch port. and assign it to wifi?
To make matter a little more complicated I would like a guest network and a private wifi network. This i can do on the asus router
Once again thank you for tating the time to read all my blurb and helping
-
@wbravin said in noob of noobs to pfsense cconfiguration and integration:
bridge mode and turning the its dhcp off i could use the ac87u as an AP.
Correcrt - you said it : "bridge".
The bridge is between a wire and Wifi.@wbravin said in noob of noobs to pfsense cconfiguration and integration:
In my opinion i would connect the wan port
The WAN port is used if your Asus works as a router (as pfSense does). An AP is a device that works more as a switch.
You'll be using one of it LAN ports, hooking up to the "Ethernet over power line wall outlet". That would work just fine.If the Asus supports VLANs and different SSID networks that can be connected to individual VLAN's you could separate your SSID's. Your needs depend on what this "AP Asus" can do for you.
-
Great thank you this is what i needed to know.
Asus ac87u does support 2 ssid one for private and one for guests. so i can leave the wifi function to the asus. I will connect the switch to the powerline which in turn be connected to a lan port on the asus.However you just made me realise that i need to understand the routing of all this.
As i motioned i will have 1 managed switch. One port of this switch will be connected to the powerline (in the server room) which through the electrical wiring of the house will be connected to a a local powerline. This powerline will be connected to a local simple switch then i will connect one port to the ac87u to a and the htpc and tv to an other separate ports of that switch.
If this works then i have the wifi i need.
i would be able to connect my HTPC and my TV (which i will set to the IOT lan) in that room to the other ports on the switch.
If this works great. I will replicate it to my home theatre room with its own power line unit and simple switch.The rest of the laptops will work off their dedicated powerline which in turn (again through the hose electrical wires) to the main powerline in the server room.
I am spending this morning learning about switches. and from the sound of it, i do not need a managed switch in the rack. I should live with a simple switch.
This would mean (in my feeble mind) that I should have only 1 lan cable from the r710 connected to my switch in the rack.
This would mean that i have one port on the dell r710 connected to the WAN
1 port connected to the switch this would represent my lan network. Then have a Vlan for the IOT (192.168.2.1 and a Vlan 175.168.1 1 for wifi.Is this reasoning correct or am i just barking up walls and mirrors.
Thank for your patience in reading this and for answering and clarifying these issues I have
-
Hello all
After spending all day yesterday learning about managed switches, Vlans, firewall rules and connectivity issues. I have come to the decision that i am biting off more than i can chew and if i do manage to chew it i will definitely get indigestion.
Therefore I will install pfsense as a plain vanilla solution with 1 LAN (192.168.1.1) to which i will connect this to a 24 port managed switch (that i still need to buy)
to the switch I will connect to my 4 serves and the home automation server directly and connect one port to the powerline in the loft. I will set with a static IP address for all the servers. and DHCP for the powerline.
then the powerline in the loft will connect to the powerline in each room which in turn will connect either to a computer directly or to a simple switch.
In the case of the living room i will connect the asus as an AP, my HTPC and my TV with a static IP. to a small switch. If it would help I can connect the asus AP to it's own powerine. would this be better? then the on the asus i will segregate the home wifi and the guest wifi.
In the case of the home theatre room I will connect the projector via wifi and the HTPC *with a static IP to the a simple switch that will be connected to the powerline in that room .
once this is all done and working i will start to develop the firewall rules to further secure my environment. and then learn of to design develop and implement vlan to segregate the IOT from the rest of my environment
Once again thank you for your contribution and I apologise for being so long winded.
