Is this setup correct? I'm new setting up PFSENSE

jcer93705

Hi is correct? Cable Modem –---- > PFSENSE -------- > Netgear WNDR4500  Wifi Router  -------> TP-LINK TL-SG1016 16 port Gigabit Switch ------------- > Have connected media player, Gaming server, VOIP

Also do I disable the firewall of my netgear? I'm wundering if its correct setup. I also be needing help to forward quake 3 ports. When router connected to cable modem its online but if i put bfsense between cable modem and netgear its not. Anyways TY

firefox

It depends on who you want will divide ip addresses

Better that pfsense will do it
Better to connect like this
Cable Modem –---- > PFSENSE-------> TP-LINK TL-SG1016 16 port Gigabit Switch-------- > Netgear WNDR4500  Wifi Router

Turn off the router dhcp server
And its firewall

Assign a ip address not in the distribution of pfsense
Example
If the addresses are from 192.168.0.1 to 192.168.0.100

Assign him an address 192.168.0.102

The connection between the router to the switch is performed from lan to lan

jcer93705

@firefox:

It depends on who you want will divide ip addresses

Better that pfsense will do it
Better to connect like this
Cable Modem –---- > PFSENSE-------> TP-LINK TL-SG1016 16 port Gigabit Switch-------- > Netgear WNDR4500  Wifi Router

Turn off the router dhcp server
And its firewall

Assign a ip address not in the distribution of pfsense
Example
If the addresses are from 192.168.0.1 to 192.168.0.100

Assign him an address 192.168.0.102

The connection between the router to the switch is performed from lan to lan

Ic and My router have ability to have it set as AP. Wouldn't that disable everything that comes to
security? Also I would like to have Guest WIFI disabling all security would they have access of my
server? I want guest wifi enable so they wont be able to access other computers and servers.
Anyway's can you make it more like step by step and for me to under stand better? TY

phil.davis

To keep your LAN secure from Guest WiFi you have to put Guest WiFi on a completely separate LAN and subnet. If your pfSense has a 3rd NIC, then plug the WiFi device LAN into that 3rd NIC, assign the 3rd NIC to OPT1 in pfSense, give it a different private subnet, then allow just the traffic that you want from OPT1. The WiFi device should have DHCP and routing off - just be a WiFi access point.
If you do not have a 3rd NIC, then you have to use VLANs, and for that you need a VLAN switch to connect to pfSense then run both LAN and OPT1-Guest-WiFi on the VLAN switch.

johnpoz

^ exactly!!!  Right on the button perfect answer, couldn't of said it better myself ;)