FIRST: Sorry for the wall of text. I tried to explain what I have to try to make my options clearer. My head is full of dots that need connecting
a) I used to have WiFi issues at home years ago.
I was using a Netgear R7000 for routing my cable internet, NAT and as WiFi.
I was also running VPN on my PC, as trying it in the router made everything slower than ants.
b) I live in an old crowded building and the WiFi didn’t seem strong enough. So I put in a Ubiquiti UniFi AC-HD with CloudKey and that took care of providing a good signal to the apt.
c) Now I have Verizon FiOS “Gigabit” (only Internet, VoIP third through Google Voice OBI202, no FiOS TV). It seems the Netgear R7000 (1GHz CPU) just can’t cope. I still have basic cable internet too for failover because I work on-call and need a connection just in case.
d) I recently discovered pfSense thanks to @LTS_Tom, etc. on YouTube. It looks like I could run a router box, from Netgate, put together a little box with quad NIC (I have an Intel Quad NIC), do VPN on it to either PIA/NordVPN or even set up a cheap VPS to route everything that way. Eventually I might route out to AMZ or Azure if my studies pay off… Either way, right now I want to encrypt most or all my packets from my ISP, DNS and everything; I don’t trust Verizon to do anything good with my data. Plus I need a secure(ish) off-site backup soon in case disaster strikes.
My problem 1: I got a secondhand Juniper SRX220. Unless I’m doing something very wrong, it can’t cope with routing gigabit between my NAT and Internet, not even close. Its VPN support seems rubbish and I can’t even get the latest firmware update because I’m not the original owner.
My problem 2: I grabbed an Ubiquiti EdgeRouter 6P from Amazon. I got scared about the Netgate S300 because I thought there could be only one WAN so couldn’t do like double WAN and VPN for a segment of the network, etc.
My problem 3: I also have a secondhand Nortel (now AVAYA) BayStack 550-24T-PWR, commonly known as ERS5500. It’s a managed switch, 24 PoE ports (4 SFP), that can do Gigabit fine on the LAN, but it’s a little loud and again Avaya won’t let me update it to the latest version because I wasn’t the original owner.
Someone recommended a Dell PowerConnect 5524P on eBay that seems a bit more modern. It has RJ-45 console, 2 SFP+, USB and is stackable via HDMI. It’s also $120, so when I saw Xeons on eBay for not much more than that, I couldn’t help thinking a 1U Xeon with quad Intel NIC might be a beast to run Suricata and anything I could throw at it, maybe a DMZ, multiple VPNs to fully segment the home and work network, etc.
PS:
Current PC: Ryzen 7 2700X 3.7 GHz 8 core, Gigabyte Aorus Gaming 7, 32 GB DDR4 RAM, 256 NVMe and 2TB WD Black temp data drive till I get a NAS going
– goes crazy if I try IOMMU due to some BIOS issue
Spare box (thinking about putting unraid on it for NAS and so I can play with VMs): Asus Z87-Pro, i5-4590S Quad Core (SR1QN) 3.00 GHz FCLGA1150, 32 MB DDR3 RAM, 3x4TB WD, 1 spare 300 GB Velociraptor. I hear I could run a PBX on it for the office phone and fax lines?
2x250GB Samsung 850 EVO for laptops if I can’t find a better use
PS Off Topic: I’ve been learning a lot since then thanks to @LTS_Tom, invader1 and other people on YouTube. I’m actually considering looking at places where I could learn properly and get certifications to supplement my income (now working in healthcare, where security is very important too)…