Home networking build
-
Hello all
I,m new to pfsense and wanted some advice on a build im thinking of for my home network.
See attached pic
I am building my own pfsense box using:
Specs
CPU: Intel i3-3220T
Motherboard: Gigabyte GA-B75N
RAM: G.Skill Sniper 1600 8GB x 1
PSU: SilverStone ST30SF 300W
SSD: ADATA Premier Pro SP600 32GB
NIC: INTEL PRO/1000 MT QUAD Pci-x
Case: SilverStone Sugo-SG05 LiteAll cables will be Cat6
Any issues you see with this type build?
Any sugestions?
How would I be able to get the tech port to pass though pfsense to read isp's radios without being able to see the rest of my network?
Would i need managed swicths or unmanaged?
I know some may say use the search and i have and found out lots of useful info. I always do my research before doing any type of build drives my wife nuts. lol
i have built 5 rock solid computers over the years not the fastest but soild. but im no programer and have no coding exp thats why i ask for this is all new to me.Thank you all in advance.
 -
I,m new to pfsense and wanted some advice on a build im thinking of for my home network.
That's some home network.
Any issues you see with this type build?
None. Your hardware should be more than powerful enough.
How would I be able to get the tech port to pass though pfsense to read isp's radios without being able to see the rest of my network?
By creating firewall rules to allow it - by default interfaces can't access other interfaces so you just need to make sure the tech port interface can see the WAN.
Would i need managed swicths or unmanaged?
I use managed, for fine-grained control. If you don't care and just want to manage two big clusters on each switch as if they were one entity, that's fine. It's going to be a lot more configuration work for you if you do want managed and individual control over each client device.
-
I noticed Intel ARK doesn't show that exact CPU model as having the AES instructions. Not an issue right now as PFSense doesn't use them from what I understand, but it could make a difference in the future. If you're still using this box in 5 years from now, how will it handle 1gb Internet with VPN connections. Just something to be aware of.
http://ark.intel.com/products/65694/intel-core-i3-3220t-processor-3m-cache-2_80-ghz
-
Thank you for your input on the cpu i was looking for a low power usage cpu. But now that i see what your talking about i could change it to
http://ark.intel.com/products/76342/Intel-Core-i5-3340-Processor-6M-Cache-up-to-3_30-GHz
For the swicthes i want control so ill go managed just have to decide Netgear or TPlink.
I do have a few more questions to ask if you dont mind me using your time a bit more.
1 how many Vlans/ subnets would i need.
2 all my xbmc's and severs would have static ip's, but how would i go and make the privet ones to be hidden from all save for my main work station.
3 The 4 access points how would i go and make 1 privet/hidden broadcast and one guest broadcast.
4 when setting up pfsense could i make both onboard nic's to be the wan and the nic card be the lan.
Sorry for the pestering questions but networking like this is a new learning curve i need to learn and this fourm seems the best place for ansewers.
Thank you all agine for your help and advice -
Thank you for your input on the cpu i was looking for a low power usage cpu.
I also wanted a low power cpu so I use an Atom. I figure in 5 years time I'll get a new box.
For the swicthes i want control so ill go managed just have to decide Netgear or TPlink.
Or Cisco. I have an SG-200-08. There are others in the range. More $ than some of the others but good reputation.
how many Vlans/ subnets would i need.
Up to you. E.g. you could have all xbmc's on one vlan, all servers on another. Or every individual device on an individual vlan. I have an 8-port switch so I have 7 or 8 vlans, one for each switch, but I only use half. The more you use, the more configuration you need to do. There are ways to simplify this, using floating rules and aliases.
all my xbmc's and severs would have static ip's, but how would i go and make the privet ones to be hidden from all save for my main work station.
The 4 access points how would i go and make 1 privet/hidden broadcast and one guest broadcast.
It's all set by firewall rules. You can set aliases for ranges/groups of IP addresses and pass/block ranges etc. This is what I do, to allow certain devices full access, other devices restricted or time constrained access, and some devices almost no access except to one or two IPs. pfSense is very configurable.