F5F Stay Refreshed Power Users Networks Hardware issues? Let me know!

Hardware issues? Let me know!

Hardware issues? Let me know!

K
KermitTheCrab
Member
Find
145
01-08-2016, 03:07 AM
#1
Hi all, I’m planning a network refresh in about a month or two. I’d like some advice from someone who’s done this before. Right now I have fiber coming into my garage via a modem/gateway. I want to disable Wi-Fi (the 5G is unreliable, especially over phone lines) and also turn off other services like DHCP. I plan to route everything through a PFSense router from Netgate—just the WAN, LAN, and one OPT port. The WAN will go straight to the modem, while the others should head into a switch that connects to my LAN, which then mirrors the LAN to the OPT port for SIEM use. I’ll also link other wired areas like my office or living room via patch panels. For extra coverage, I’ll need a few more ports in the garage for WAPs, ideally mounted in a central spot. In the office, the connection should be a trunk port so the PFSense OPT can be remotely extended there. I’m considering a duplicate switch in the office to match capabilities and might use a smaller model since it’ll have fewer ports. I’m also thinking about existing unmanaged 1G switches in rooms like the living room or game room, where multiple devices might connect.

Hardware I’m considering:
Reply
Reply
K
KermitTheCrab
01-08-2016, 03:07 AM #1

Hi all, I’m planning a network refresh in about a month or two. I’d like some advice from someone who’s done this before. Right now I have fiber coming into my garage via a modem/gateway. I want to disable Wi-Fi (the 5G is unreliable, especially over phone lines) and also turn off other services like DHCP. I plan to route everything through a PFSense router from Netgate—just the WAN, LAN, and one OPT port. The WAN will go straight to the modem, while the others should head into a switch that connects to my LAN, which then mirrors the LAN to the OPT port for SIEM use. I’ll also link other wired areas like my office or living room via patch panels. For extra coverage, I’ll need a few more ports in the garage for WAPs, ideally mounted in a central spot. In the office, the connection should be a trunk port so the PFSense OPT can be remotely extended there. I’m considering a duplicate switch in the office to match capabilities and might use a smaller model since it’ll have fewer ports. I’m also thinking about existing unmanaged 1G switches in rooms like the living room or game room, where multiple devices might connect.

Hardware I’m considering:

Reply
Reply
S
softisA
Junior Member
Find
47
01-08-2016, 05:35 PM
#2
Managed switches support port mirroring effectively. This approach makes more logical sense than relying solely on an optical port for mirroring. You wouldn't need to connect the opt1 port at all. The 1GbE SPF ports won't offer any performance boost over standard RJ45 ports. I think using Unifi or TP Link Omada access points would be a better choice since they're more affordable while still delivering comparable speeds.
Reply
Reply
S
softisA
01-08-2016, 05:35 PM #2

Managed switches support port mirroring effectively. This approach makes more logical sense than relying solely on an optical port for mirroring. You wouldn't need to connect the opt1 port at all. The 1GbE SPF ports won't offer any performance boost over standard RJ45 ports. I think using Unifi or TP Link Omada access points would be a better choice since they're more affordable while still delivering comparable speeds.

Reply
Reply
0
0liball
Junior Member
Find
14
01-24-2016, 12:08 PM
#3
Alright, I'll check out the omada's.
Reply
Reply
0
0liball
01-24-2016, 12:08 PM #3

Alright, I'll check out the omada's.

Reply
Reply
D
daemon29
Member
Find
67
01-24-2016, 01:15 PM
#4
It isn't really necessary—it's absolutely essential since that box grants access to the AT&T Network. There are some indirect methods to remove their gateway, but it's about to stop. Most users set the gateway in IP passthrough mode, which disables the router portion and lets you use your PF-Sense device.
Reply
Reply
D
daemon29
01-24-2016, 01:15 PM #4

It isn't really necessary—it's absolutely essential since that box grants access to the AT&T Network. There are some indirect methods to remove their gateway, but it's about to stop. Most users set the gateway in IP passthrough mode, which disables the router portion and lets you use your PF-Sense device.

Reply
Reply
I
itacarambi
Member
Find
189
01-25-2016, 12:08 PM
#5
I was reminiscing about the days of cable modems, remember? I had a Linksys router and even a separate Linksys wireless router. @Electronics Wizardy - you mentioned this part at first? I wasn't sure why I thought that way. It seems more logical to copy the LAN port on the switch to the RSPAN device instead of mirroring it from the OPT side. My reasoning probably came from using smart switches rather than managed ones, which is why I noted the VLAN tagging. But if I decide to mirror from the WAN port later, that could be a risk. Updated January 28, 2023 by ki3den
Reply
Reply
I
itacarambi
01-25-2016, 12:08 PM #5

I was reminiscing about the days of cable modems, remember? I had a Linksys router and even a separate Linksys wireless router. @Electronics Wizardy - you mentioned this part at first? I wasn't sure why I thought that way. It seems more logical to copy the LAN port on the switch to the RSPAN device instead of mirroring it from the OPT side. My reasoning probably came from using smart switches rather than managed ones, which is why I noted the VLAN tagging. But if I decide to mirror from the WAN port later, that could be a risk. Updated January 28, 2023 by ki3den

Reply
Reply
X
xCre8x
Member
Find
52
02-16-2016, 03:43 AM
#6
With cable modems, the situation remains unchanged. Cable providers must permit customer-owned modems. For instance, a CM1000v2 works this way. Fiber companies don’t follow the same guidelines. I’m hoping for changes in the future so you can purchase your own ONT and choose any router you prefer.
Reply
Reply
X
xCre8x
02-16-2016, 03:43 AM #6

With cable modems, the situation remains unchanged. Cable providers must permit customer-owned modems. For instance, a CM1000v2 works this way. Fiber companies don’t follow the same guidelines. I’m hoping for changes in the future so you can purchase your own ONT and choose any router you prefer.

Reply
Reply