Pre-Installation Planning (Please check my starter work)



  • Hi All!

    Wondering if I could get a double check on my pre planning for installing a pfSense box this weekend.  I've not done any manual networking in over a decade so I want to be sure this plan goes as smoothly as possible (I don't want wife aggro for not having internet available XD)

    For beginning I'll only be using pfSense as my router/firewall, and as I get comfortable with it I'll start to add packages later on.

    I've a google spreadsheet listing my current devices and what I plan to do with static addressing.

    I plan on using pfSense to assign DHCP addresses to any device coming from my wireless AP (a Netgear r7000 setup as an AP).  It should do that with no problems correct?

    Thanks for any help!

    https://docs.google.com/spreadsheets/d/1lXgTeXHqWa7raKE20lTymTiQZFQO51qKNgJuSUuAdjc/edit?usp=sharing



  • Hi iamwardicus

    Just to understand it better, i have made an ASCII Diagramm

    For your DHCP: You can enable DHCP Server for each LAN. But if you have all of your devices in the same LAN you can't say "Make DHCP just for wired Connections" so it will make DHCP for all Devices. That means you can also set your PC to take the IP from DHCP if you want.

    
          WAN / Internet
                :
                : DialUp-/PPPoE-/Cable-/whatever-Provider
                :
          .-----+-----.
          |  Modem    | 
          '-----+-----'
                |
            WAN | 
                |
          .-----+-----.     Lan     .------------.
          |  pfSense  +-------------+ Dell 2816  |
          '-----+-----'             '-----+------'
                |                         |
            LAN |                     LAN |
                |                         |
                |                 ...-----+------... 
                |                       NAS/PC
                |
                |
                |
          .-----+------.       LAN  
          |   Netgear  +---------------               
          '-----+------'               |
                |                      |
            LAN |              ...-----+------...
                |                PC/TV/Pioneer
          .-----+------.
          | R7000      |
          '-----+------'
                |
          WIFI  |
                |
        ...-----+------... 
         Wireless Devices
    
    

    I hope you understand what i wanted to say.

    Best Regards
    Aaron



  • The only change I would make is to not bridge two interfaces in pfSense together for LAN, as it looks like you might be doing with the Dell and Netgear switch connections. Use one interface in pfSense for LAN, and send that to your Dell switch. Link your Netgear switch off the Dell switch then, rather than directly from pfSense. Leave switching up to the devices designed for that purpose; don't use pfSense as a switch.

    As AaronvaB mentioned, pfSense won't be able to determine if a device is wired or wireless, but if all of your wired devices have static IP addresses, it won't make much of a difference, as they won't be polling for DHCP anyway. But just be aware that someone could wire a laptop to your network and would still get a DHCP address (if there's a lease available).



  • I guess that would make a little more sense plugging in the downstairs switch into the upstairs switch (by the cable modem) instead of directly to the pfSense box.    Thank you for the input there - I didn't even consider it.

    As for the wired DHCP I don't really mind that as it's just a home network - if someone plugs into it, than they may as well get data that way vs just stealing my stuff.

    All in all thank you both for the input!