New project
-
Hi everyone, I finally got a machine running PFsense (not yet in production) with the following features:
-CPU I5-3470 3.2Ghz,
-Ram: 8 Gb
-Disk: 120Gb SSD
-Network: 7 Gb ethernet cards.
My wan that will soon be a 1Gb Ftth with dynamic public ip.Now, however, my network appears like this:
A Fritzbox router with dynamic dns with my own domain, the devices are all on a single network, and they are:
4 AC Zyxel access points
2 Poe switch management
2 Nas Qnap
1 proxmox mini server
1 Ups with network card
several dozen smart devices, PCs, tablets, cameras with recorders, home alarms, etc. etc.
As I said before, on this network there is a mini server with Proxmox on which several servers that can be reached from the wan run:-Home assistant Server
-Weather server
-PA server management
-Reverse proxy server
-Pihole server
-Irrigation management server
all with ssl certificate generates from reverse proxy, which downloads the free Let's Encrypt ssl certificates.My idea is to create a DMZ zone for each network card on which to run the Proxmox mini server and differentiate vlan but above all OpenVPN.
on a vlan I could put the management of the APs, the switches
on another vlan all devices such as smartphones, smart TVs, PCs
on another vlan all the home automation devicesOn Pfsense firewall HAProxy Certificates happens and pfsense dare the task of downloading the various certificates from my domain while with the help of HAProxy the certificates to the various servers.
the pihole server and delete SNort.
... then we will see how to configure everything ....
In the meantime, what do you think?
I await your ideas and solutions in order to improve this home project.Thank you
-
That all looks possible.
Be sure to go one step at a time and test at each point. That's a lot of changes from your current single subnet. If you try to configure it all at once you will almost certainly hit problems.
Steve
-
@wifi75 Get rid of the Fritzbox....
-
@cool_corona sure!