Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    How I should rethink my network when moving my protected LAN to a Datacenter ?

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      marcello
      last edited by

      My current network topology is as follows:

      I have 30 port forwarding in pfSense for internet services, and those services depend on databases hosted in the LAN. Besides that we have a couple a Test Servers only accessible in the LAN.

      After running peacefully (pfSensefully ) this setup in a closet on the company premises, I have now the duty to move all of this to a datacenter. ( 4 servers with 30 some VMs)

      Is it a good idea to keep the private LAN in a datacenter ? Or should I try to give public IP adresses to all servers and do only firewalling with pfSense ?

      1 Reply Last reply Reply Quote 0
      • W Offline
        wm408
        last edited by

        I think there are many ways to consider all of this.  It is a topic that I will run into in the future more, I just keep hiding from it because I haven't been tasked with it.

        Here is my first thought, and two cents:

        It really depends on the services that you provide.  Generally speaking if most of the services are intended for internal use only, I would consider a VPN tunnel from say, a main office, to the datacenter.  It can help narrow down entry points into your network(s) and may be easier to manage from a security standpoint.

        Opening up all of your services to the public net introduces more challenges and work.

        I tried to keep my response as simple as possible here.  I am sure there are much more sophisticated ones.

        Good luck.

        @marcello:

        My current network topology is as follows:

        I have 30 port forwarding in pfSense for internet services, and those services depend on databases hosted in the LAN. Besides that we have a couple a Test Servers only accessible in the LAN.

        After running peacefully (pfSensefully ) this setup in a closet on the company premises, I have now the duty to move all of this to a datacenter. ( 4 servers with 30 some VMs)

        Is it a good idea to keep the private LAN in a datacenter ? Or should I try to give public IP adresses to all servers and do only firewalling with pfSense ?

        1 Reply Last reply Reply Quote 0
        • M Offline
          marcello
          last edited by

          The more I am thinking of this, the more I am thinking I will keep the same network with the internal LAN and setup a VPN to work there from remote ( yes much easier to have a single entry point to monitor)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.