Pfsense networking/hardware configuration setup
-
Hi I am trying to setup a secure firewall network for my home. Attached is an image of what i am trying to do. My question is i have a netgate s350 managed switch which does support VLAN's. From my pfsense pc/firewall do i define any VLAN? Ideally I would have liked to have used the 4 port nic on pfsense pc but i don't want to run multiple cables for different routers. So I am running 1 cable from pfsense pc to a switch. Then i am going to define VLAN's from that. I will then connect the routers to the switch and use the DHCP server on the switch.
-
Why do you have those other 2 routers? Pfsense can do everything you need. You can configure it with VLANs and then use the switch to separate the subnets. For example, I have a managed switch and an access point configured for 2 SSIDs. I use a VLAN to connect the guest subnet to the AP and the firewall rules block guests from accessing anything on my local network, other than pinging the guest interface.
-
@JKnott The routers only support a limited amount of a devices i can connect to them. If i connect more then 25 devices it starts doing funny things so i got a separate router. The older linksys is now connecting all my iot devices and the new router connects all my pc's and home network.
-
What starts doing funny things? What funny things? As I said, create VLANs and use the switch to connect to the VLANs as necessary. If you have problems, just describe them so we can provide useful advice.
-
@JKnott so the router can only handle upto 25 devices it will start dropping off my iot devices from the network.
I think you have answered my main question/concern was should i create vlan from pfsense to the switch and then create vlan for the routers but you have indicated to create them from pfsense to the switch and then configure switch to connect to routers.
Thanks for helping out. I will start running cable and if there is an issue i will message back here.
-
Why do you want the other routers? You can use pfsense to do that. Create as many VLANs/subnets as you need and configure a DHCP server on each of them them. Then create the rules to do what you need. There is no reason to have more routers after pfsense. If you don't have enough switch ports, then you can use a bigger switch or additional ones. For example, you mention "smart devices". I assume you mean IoT, which means you will want a PoE switch. So, you could configure 1 port on the Netgate switch for IoT and connect the PoE switch to it.
-
Before i found Pfsense i have already hardwired my iot's. So now the only new addition has been smart switches wifi cameras. motions light and temp sensors. The issue would be wifi plus due to the my current limitations the server will be in the basement if i end up settiing up mesh of wireless network the cost ends up going high. This is stuff i have just lying around so i would use this plus if in the future i want to wire my house to have another network for work purposes i can run a cable to my switch is located in a convenient place.