OK, so I was watching your Sunday stream (after the fact). and you mentioned about not routing storage through the firewall. I understand the problem that will cause, but if the storage is on its own subnet, and the computers are on another subnet, how else do you route that traffic?(aside from L3 switches). I dont have storage, but I have issues with a cctv system, that has issues I believe is caused by the routing of the streams through to firewall, as the NVR and computers are on seperate subnets, but aside from firewall rules, Im not sure that there is another way!? could you clarify what you were referring to in your vid, I am using Pfsense for my firewall/router.
You typically either have a second interface on computer in the storage VLAN/Subnet (which keeps the storage traffic physically serparate) or you add the storage VLAN to the computer’s NIC and give the computer an address in the storage subnet.
Look into putting your cctv cameras and nvr on the same network using vlans if your switch supports vlans. This way all cctv stays on the same network and not routed thru pfsense
Then grant your normal access to nvr by creating pfsense firewall rules