Planning a pfSense Deployment - Looking for recommendations



  • Our non-profit is using a Juniper SSG5, which has gone EOL and I am planning on deploying pfSense on a re-purposed Dell PowerEdge SC440.

    We have 5 static IP addresses supplied by Verizon (FIOS) on a 75 Mbps / 30 Mbps connection.  We are currently running two Windows domains on separate subnets (192.168.X.X and 172.16.X.X).  Once is a Windows 2008 AD/AS domain running DNS and DHCP and serving about 20 users and devices.  The other is a Windows SBS 2011 test domain that I am going to deploy once it is configured properly and running stable.

    Right now I have the networks set up in separate zones and static IP addresses mapped to each network.  In order to do this with pfSense, am I going to have to add a third Ethernet card for the second network, or can I do it through my switch?  The issue I am concerned with is assigning the 2011 network an IP address on the 2008 network and routing the static IP address traffic to it that way.  There are issues with SBS servers on a regular server network and I'd rather not have to deal with them.

    Any thoughts?

    Thanks,

    Scott


  • Netgate Administrator

    If you have a capable switch (and I imagine you do with that sort of network) then you can use to VLANs separate the subnets. You have plenty of expansion slots in that machine though and there are some advantages to using real NICs.

    Steve



  • ^^agreed get a real nic eg. intel pro server nic,  imho easier to setup and  in the long run easier to maintain and troubleshoot


Log in to reply