F5F Stay Refreshed Power Users Networks Set up a VLAN to a VPN on your 4-port PFSense router.

Set up a VLAN to a VPN on your 4-port PFSense router.

Set up a VLAN to a VPN on your 4-port PFSense router.

G
GDiamond1000
Member
Find
54
05-06-2019, 04:42 PM
#1
I own this gadget here https://www.amazon.com/dp/B09PHHXN9V?psc...ct_details. It features four Ethernet connections on the rear panel. Port 0 functions as a WAN (internet) connection, while Ports 1 through 3 operate as standard LAN ports for everyday tasks such as gaming PCs, Wi-Fi routers, TVs, etc. I’m using pfSense for networking. My goal is to designate Port 0 for WAN, Port 1 for regular LAN use during normal activities, and Port 1 as a VPN gateway for ProtonVPN. I have a dedicated Wi-Fi access point for VPN devices, though the drawing isn’t perfect. I suspect VLANs will be involved but I’m unsure about configuring them properly. Any guidance would be greatly appreciated.
Reply
Reply
G
GDiamond1000
05-06-2019, 04:42 PM #1

I own this gadget here https://www.amazon.com/dp/B09PHHXN9V?psc...ct_details. It features four Ethernet connections on the rear panel. Port 0 functions as a WAN (internet) connection, while Ports 1 through 3 operate as standard LAN ports for everyday tasks such as gaming PCs, Wi-Fi routers, TVs, etc. I’m using pfSense for networking. My goal is to designate Port 0 for WAN, Port 1 for regular LAN use during normal activities, and Port 1 as a VPN gateway for ProtonVPN. I have a dedicated Wi-Fi access point for VPN devices, though the drawing isn’t perfect. I suspect VLANs will be involved but I’m unsure about configuring them properly. Any guidance would be greatly appreciated.

Reply
Reply
M
morlurne
Member
Find
67
05-14-2019, 08:56 PM
#2
You accessed it and added memory and storage to it.
Reply
Reply
M
morlurne
05-14-2019, 08:56 PM #2

You accessed it and added memory and storage to it.

Reply
Reply
W
W3ld3r
Member
Find
51
05-14-2019, 10:10 PM
#3
Certainly. The system already includes PFSense and ProtonVPN configured with the necessary certificates.
Reply
Reply
W
W3ld3r
05-14-2019, 10:10 PM #3

Certainly. The system already includes PFSense and ProtonVPN configured with the necessary certificates.

Reply
Reply
S
saburo
Member
Find
192
05-14-2019, 11:19 PM
#4
You also installed an operating system, but you require guidance on configuring it.
Reply
Reply
S
saburo
05-14-2019, 11:19 PM #4

You also installed an operating system, but you require guidance on configuring it.

Reply
Reply
G
GameBoosh
Senior Member
Find
470
05-15-2019, 05:58 AM
#5
The operating system is ready. I’m unsure about VLANs unless needed. I just need a standard LAN on port 1, with a VPN connection through port 2.
Reply
Reply
G
GameBoosh
05-15-2019, 05:58 AM #5

The operating system is ready. I’m unsure about VLANs unless needed. I just need a standard LAN on port 1, with a VPN connection through port 2.

Reply
Reply
K
KiNG_R3X
Member
Find
185
05-15-2019, 09:23 AM
#6
Only require vlans when you’re using managed switches. I’d probably search for vlans and read about them… it would be simpler for you to find a YouTube video than for me to explain everything. The shirt version is, they act as virtual subnets sharing the same cable. You don’t need this if you’re using a dedicated AP for a separate network. With VLAN-aware APs, you can have several SSIDs each with distinct VLAN tags on the same IP. But this doesn’t match your setup. Set up a subnet on port 2 just like you did on port 1, configure firewall rules as needed (usually deny everything except WAN), plug in the AP, and you’re done. Just need to arrange DHCP for that new network. Although I just rechecked—you’ll be using UniFi, which supports VLANs. You don’t need a second AP; one can host multiple SSIDs, each tagged with a different VLAN. Check out Lawrence Systems on YouTube—they have many tutorials about UniFi gear and how to set this up with VPNs. I’ve got a setup similar to yours based on his videos.
Reply
Reply
K
KiNG_R3X
05-15-2019, 09:23 AM #6

Only require vlans when you’re using managed switches. I’d probably search for vlans and read about them… it would be simpler for you to find a YouTube video than for me to explain everything. The shirt version is, they act as virtual subnets sharing the same cable. You don’t need this if you’re using a dedicated AP for a separate network. With VLAN-aware APs, you can have several SSIDs each with distinct VLAN tags on the same IP. But this doesn’t match your setup. Set up a subnet on port 2 just like you did on port 1, configure firewall rules as needed (usually deny everything except WAN), plug in the AP, and you’re done. Just need to arrange DHCP for that new network. Although I just rechecked—you’ll be using UniFi, which supports VLANs. You don’t need a second AP; one can host multiple SSIDs, each tagged with a different VLAN. Check out Lawrence Systems on YouTube—they have many tutorials about UniFi gear and how to set this up with VPNs. I’ve got a setup similar to yours based on his videos.

Reply
Reply
X
xRedxNightx
Member
Find
176
05-29-2019, 11:14 AM
#7
Thanks in advance! This looks like what you were hoping for. I'll start working on it after my break today! Appreciate the help!
Reply
Reply
X
xRedxNightx
05-29-2019, 11:14 AM #7

Thanks in advance! This looks like what you were hoping for. I'll start working on it after my break today! Appreciate the help!

Reply
Reply