Setup for hotel

khansen

I have a few design questions if anyone can provide any input.

I am working with a local private hotel that has the following:

Internet provider 1 - 5 IPs main connection
Internet provider 2 - 5 IPS backup connection

Internal:

Public wifi
Private network
POS system has own firewall required (separate IP ?)
Directv DRE system has own firewall required (separate IP ?)
PMS system, most likely part of the private network

I am planning on using the C2758 with additional interfaces added.

1 - should each ISP be setup on only one interface with all IPs configured as subinterface and pass through to the other firewalls or should there be a switch between ISPs and pfSense so that each firewall is assigned own IP

2 - would it be easier to manage if each internal network be assigned to separate interfaces or VLAN them? The POS will have to have access to the private to communicate with the PMS system for foodservice billing, the public wifi will need access if possible to parts of the private network (the rooms have automation controls for lighting, audio, TV, shades, etc. that is controlled by Crestron system, and they want to give guests ability to BYOD and connect and control room functions.

Appreciate any input.

Kurt

Derelict

the public wifi will need access if possible to parts of the private network (the rooms have automation controls for lighting, audio, TV, shades, etc. that is controlled by Crestron system, and they want to give guests ability to BYOD and connect and control room functions.

What you do is dependent on whatever security measures are in place by these Crestron people.  How do the users authenticate so they can only control their own room?  Last name/room number on a web page?  Are they expected to install an app?