multiwan and NAT network structure and best/bad practice
-
i've got two ideas in my mind about my home network and wanted to run them by you guys to see how safe/unsafe they are , knowing that user isolation is not a problem for me, it's just my house network and nothing fancy like that.
idea 1:
Pfsense is always under pfsense, but has its WAN 1 and 2 virtualized on the same ethernet interface (a computer with a single NIC and without VLANS)
the PPPOE connection is not done on pfsense but rather on the ADSL modem in on itself, PFsense would get a static IP to the ADSL and 4g MODEMS to its WAN 1 and 2 interfaces but theorically all 3 interfaces are on the same switch, just on different subnets.
Question: i know that wan and lan on the same switch is a bad idea apparently when it's Pfsense that establishes the PPPOE connection but what about if pfsense is behind the modems ? is it technically "safer" this way ?
idea 2:
every interface has its own NIC on Pfsense, but the PPPOE is still established on the modem instead of pfsense itself
question: how would i deal about the "double nat" can i disable them on the modem side or on Pfsense side and deal only with one NAT and fix this problem ?Why the first idea ? : i have an unused Laptop that can function as a low power proxmox server, enough for my case and even if i FEEL like this idea is safe, running by more experienced people is better.
Why the PPPOE on the modem ? the modem has the LED indicators when the internet is on or off or if the subscription needs to be renewed for the family( yeah i know, stupid problems haha) , something i couldn't find a way of doing on pfsense.