Hi
I am looking for help on how to us utilise a spare port on pfsense.
My current pfsense set is ISP> pfs>unmanaged switch> 1 Port to wired camera & 1 switch which controls tv area ( apple tv sky box , etc) works fine but conjested.
Is it possble to a spare port on 1 gigabit nick to create to connect Deco mesh syetem .
Apologise in advance if this a futile question as i am having issues with wi-Fi droping out .
Advice would be appreciated. Thanks in advance
Yes you can. But please be aware that second port on your pfsense box has to be in different subnet. Different subnet means no communication between devices that connect to your mesh system and devices on your switch. To overcome this problem, you need to setup some nat and firewall rules that will allow communication between different subnets. If, of course, there is a need for such communication. And whatever you do, do not bridge ports.
How are you going to do all this also depends on whether or not you have network storage. Golden rule is that you never route storage. So in order to help you properly, you need to provide more details. Whos communicating with what, and what level of access/isolation is needed.
Thanks for your reply , rightly or wrongly i am going to give this port it own ip address let say 192.68.40.1.
As the Deco mesh has IOT network which i can use . Good or bad idea?
Thanks.
Thats wrong because 192.68.40.1 is not a private address. It belongs to rackspace.us. Please use something like 10.0.0.0/24 to avoid problems.
Sorry , you are correct , typo on the address should have been 192 168.40 1 i could use 10.0.0.0/24 no problem.
Thanks for your advice, I set it up and see what happens.
you did not say how many ports on pfsense. Example:
ISP --- pfsense -- nic 1 (LAN, wired camera) 10.0.10.0/24
-- nic 2 (TV area) 10.0.20.0/24
-- nic 3 (future) 10.0.30.0/24
-- nic 4 (Deco Mesh) 10.0.40.0/24
Sorry I have 4 nics as follows
nic 0 wan
nic 1 lan
nic 3 tv area
nic 4 for deco mesh
reo nic from the mini computer
Am i still able to go with the advice?
Yes. Just connect Deco to NIC4. Configure it, and you are good to go.
Plugging your wifi into the 4th port is the cheapest option.
However, since you have pfSense anyway, you can teach yourself to use vlans. In this case you’d need a managed switch, lots of options out there. However I have the feeling your wifi isn’t vlan aware, though you could still just keep it on its own network as you already have and plugging it into the switch instead. Then that 4th port I’d combine with the 3rd port into a LAGG to the switch for the vlans, using the LAN port to directly access pfSense if you balls anything up !
I can’t imagine you have much congestion on your network but the first thing I would check is if you have bufferbloat then go from there. PfSense has some good traffic shaping options to fix that. Obviously this all takes effort and time.
Thanks for your reply , I am looking at vlans i tried a year ago and opted for use the nic.
I am newbie it great that you have this forum from informed members .
Thanks again.
I see you’re from the UK too, the cost of kit has really become more expensive in the last 4 or 5 years, but if you’re considering a switch, I bought a Netgear 48 Port, it has a lifetime warranty, when the fan failed they replaced the whole unit. Keep an eye on Amazon Warehouse sometimes you can get decent prices.
Vlans are the way to go, once you set these up, stick your camera on one and dial in on your OpenVPN connection via your phone. The trick is to document what you do, if you need to set up another in 9 months you’ll have forgotten everything !