Options with 4 NICS.

  • I have another thread, but to keep things from being convoluted etc.. I chose to start a new post with a new set of issues/discussion.

    My setup is now:

    2 Cable modems, each provisioned to operate at 10Mbps/1Mbps.  One Router turned into a switch by turning off all features and using the LAN ports, and not the WAN.  (This router does serve as an Access Point for wireless computers, but is more like a switch/Access point box.  It does not Route or perform DHCP etc)

    The Pfsense box is a Pentium III- 800Mhz CPU, with a 40gig HD, and 512MB of PC100 Ram.

    I've acheived Very functional Load balancing and Failover.  Of which I am grateful.  Works flawlessly so far.

    My setup is the 800mhz Box has 4 Network cards, each in a PCI slot.  One cable modem is in Slot1, Second cable modem in Slot 2, LAN going to Switch is in Slot 3.  Slot 4 is open and recognized by Pfsense, just not being used for anything.

    This is where my question comes in:

    Can I use this 4th Network Card for anything beneficial?

    Added security?

    Added Monitoring?

    Speed/throughput increase?

    Is there anything that be derived from this card?

    Can I seperate traffic even further with this extra card?

    Any ideas you can think of would be great, and much appreciated.

    If 3 NICS, with a Dual WAN connection is about all anyone can do.. I totally understand.  I am just trying to see if I can utilize an extra card for any benefit since it is just sitting in the box.

    Thank you,

  • If you connect that 4th interface to your Accesspoint and only run that one on it you could setup a captive portal and have your LAN seperated from the wireless network that way. Specify some passthrough macs for your own wireless clients and you should be set. Another option is to make the wireless clients tunnel in via vpn and have your wireless traffic encrypted this way. Other option is to set it up as DMZ, depending if you have services that you offer to the public or not.

  • Sounds good –

    What about logging/monitoring options?

    I'd like to monitor each indidivual PC connected to my network.  As in-depth as possible.

    What do you recommend for this type of monitoring?

    IE: I'd like to see packet data flow, bandwidth, and mapping etc By selecting an interface on the programs GUI.  IE: PC1, PC2, PC3 -- etc.


  • There's a package to do so (bandwidthd) but it doesn't work well on all hardware. Maybe give it a try. There are other options available. Search the forum, it has been discussed already.

  • run a cable to your neighbors house or as hoba said …WiFi AP and get your neighbors to use your dual WAN network and split/share the cost with you.  Set up encryption on the AP so only those who share the cost can use it.

    I personally have an open AP with no route to my LAN, so all my neighbors can freeload off me, but not access my LAN.  And they do use it.  I think they know it is mine but they don't say anything.  I have a tcpdump command to grab and log all useage just so I can see how often it is used.

Log in to reply