Optimal method for configuring a home network on a limited budget
I've set up a fiber link through Frontier. I experienced significant problems using their all-in-one setup. I suffered a hand burn on one unit and had to deal with multiple issues. Definitely avoid any of their gear. They configured the Ethernet port to be active while the coax was also enabled for TV. I own a MoCA adapter so the coax side can also get Ethernet connectivity. All TVs except the main one are wired via Frontier boxes; only the DVR uses coax (which is necessary). I use my own router (Netgear RTax86U) and an RTax56U as a node in my mesh network (using the extra 2.5G connector on the 86U to the 1Gb WAN on the 56U for backhaul with Cat 6 over 40 feet). I have around 10 wired devices. Currently I have 200 Mbps up/down (230 up, 200 down). I plan to increase both to 500 Mbps. My son is moving in and needs more TV and connections. I currently use three routers with wired links and seven Netgear managed switch ports (1Gb) for my wired setup. I need to separate my work connection from all other wired traffic and Wi-Fi access for security and stability. I understand the wired side is simpler than the wireless side. How can I manage that? Would it help to add another 1Gb Netgear managed switch connected to one of the wired router ports, running all my other wired connections between them? On the Wi-Fi side, some advice suggests installing Asuswrt-Merlin firmware on the routers and manually setting up VLANs to control Wi-Fi and hardwired Ethernet. That might be the solution but I need guidance. I have a mix of IoT devices, wireless cameras, Raspberry Pi setups, etc., and want to isolate some for security while keeping my work connection safe. Please suggest the best approach. Thanks, ThSasquash
Consensus reached. VLANs work well, but what counts as affordable? You’ll require a solid firewall, managed switches, and an access point that recognizes VLANs to manage several Wi-Fi networks. Ubiquiti offers managed 5-port switches around $20, and a Wi-Fi 6 lite costs about $100. Finally, a router with proper VLAN support in its firewall settings is essential. I personally use pfSense, though many alternatives exist.
Having reviewed my needs vs. wants, I only need to focus on one wired Ethernet port. I'll drop my home print feature for that segment; I'm unsure of other options. Can this be handled with my gear or something like PFSSL? Connecting to my ONT and using a smart switch for all wired devices, making the wired link act as access points for routers? Thanks for any ideas!
Just for clarity, the setup with wires and wireless doesn’t change much in difficulty. If you’ve implemented network segmentation, choosing between wired and wireless doesn’t make a big difference. To execute it properly, you’d need tools like pfSense, which supports subnetting. This lets you fully isolate subnets from each other. You can either run subnets on separate physical cables or use managed switches with Wi-Fi APs—though the latter might require purchasing new equipment. This approach lets you assign different VLANs to various ports on the switches and configure multiple SSIDs on the APs, each linked to a distinct subnet. My UniFi AP uses three SSIDs across different subnets, with firewall rules enforced at the router (pfSense) level. I do this for IoT devices so that if one gets compromised, it stays completely separate from my PC and NAS. It isn’t overly complex, though it does require some learning. The cost typically ranges from about $200 to $1000 depending on your specific setup. Check out Lawrence Systems on YouTube—he has many detailed, step-by-step guides. Before watching, I had no prior knowledge of subnets and VLANs, so his videos proved essential. Adding forum discussions can help fill in any remaining questions.
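As an added illustration of the per-subnet firewall rules described in the reply above (not part of the thread and not pfSense's own configuration), this Python sketch models first-match rule evaluation on each VLAN interface and audits which segments can reach which. The segment names, the 10.0.x.0/24 addressing and the three rule sets are assumptions constructed for the example.

```python
import ipaddress as ip

# Constructed addressing plan (assumption, not taken from the thread).
SEGMENTS = {
    "WORK": ip.ip_network("10.0.10.0/24"),
    "HOME": ip.ip_network("10.0.20.0/24"),
    "IOT": ip.ip_network("10.0.30.0/24"),
}
# RFC 1918 ranges: blocking these as destinations covers every local
# subnet at once, including ones added later.
PRIVATE = [ip.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ANY = [ip.ip_network("0.0.0.0/0")]


def evaluate(rules, dst):
    """Simplified model: rules are checked top-down on the ingress
    interface, the first match wins, and no match means block."""
    addr = ip.ip_address(dst)
    for action, nets in rules:
        if any(addr in n for n in nets):
            return action
    return "block"


# Three candidate rule sets per ingress interface (all constructed).
WEAK = {s: [("pass", ANY)] for s in SEGMENTS}  # "just allow internet"
MISORDERED = {s: [("pass", ANY), ("block", PRIVATE)] for s in SEGMENTS}
HARDENED = {s: [("block", PRIVATE), ("pass", ANY)] for s in SEGMENTS}


def leaks(policy):
    """Return (src, dst) segment pairs where routed traffic is passed."""
    found = []
    for src in SEGMENTS:
        for dst, net in SEGMENTS.items():
            # net[10] is a sample host address inside the destination.
            if src != dst and evaluate(policy[src], str(net[10])) == "pass":
                found.append((src, dst))
    return found


if __name__ == "__main__":
    for name, policy in (("weak", WEAK), ("misordered", MISORDERED),
                         ("hardened", HARDENED)):
        print(f"{name}: cross-segment paths allowed = {leaks(policy)}")
    print("IoT to internet:", evaluate(HARDENED["IOT"], "1.1.1.1"))
```

The model ignores ports and protocols; a real rule set also needs a narrow pass rule above the block for services on the router itself, such as DNS, when clients use the router as their resolver.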