After some internet of things security weirdness, I've decided it's a good time to get to designing a new home network. I'm not even sure if what I'm talking about is feasible, so I wanted to see if there were any networking gurus around here to point me in the right direction.
Essentially what I'm looking for is to have 3 separate networks, completely isolated from one another.
Wireless Network #1, "I don't trust you"
- Internet of Things devices
- Gaming consoles/devices
- Friends' laptops that may or may not have malware and God knows what else
Wired + Wireless Network #2, "I trust you, stay here"
- Remote work connection, connected via wireless
- Any work-related client devices connected via Cat6
Wired + Wireless Network #3, "I trust you too, but stay over here"
- My PCs, connected from a switch with Cat6
- NAS, connected on the same switch with Cat6
- Family tablets
- Family laptops, connected via wireless
And nary the 3 shall mix, but all 3 would somehow work with my cable modem and single IP.
As best as I can map out with my limited networking knowledge, I could either have
Option 1: A super-powered router that could handle all 3 wireless networks and also handle separate VLANs to tie specific LAN ports to the other wireless networks.
or
Option 2: I could get multiple routers and set up some kind of weird daisy chain?
Now I've barely touched VLANs and I'm not afraid of getting into the tech of it all, but for some reason I find network stuff...stressful/confusing. It never seems to work the way I expect it to, and dealing with devices that may or may not have specific features is a pain.
Anyone have any suggestions or resources to figure this out?
Thanks in advance.
Posts
And segregate the various networks there.
I should also clarify, this is kind of a hobby project too, so I'm fine spending some cash to set this up correctly.
pfsense can do all your segregation, NAT, routing, and VLANs
Unifi will let you VLAN per SSID for your wireless networks
the switch just needs to be smart enough to allow VLAN tagging
this is assuming the simple wired setup of you pre-determining which ports go to which VLAN. if you want to do really fancy where the device authenticates and the switch allows it on to the correct VLAN you'll want a server and a switch smart enough to do that
pfsense can run on pretty much anything, and they have guides on picking hardware based on network size/performance, depending on the switch you find all of this can be done with GUI tools which makes it easier.
one caveat, a lot of IoT devices are not designed to be on a network like this, you may lose some functionality
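
Added example, not part of any post in this thread: a small Python check of the three-network isolation goal, with each network's firewall rules modelled as a first-match list in which an unmatched packet is dropped. The subnets, network names and probe address are constructed assumptions; the point is that a lone "pass to any" rule added for internet access also lets the networks reach each other.

```python
import ipaddress

# Constructed addressing plan (assumption): one /24 per network from the first post.
NETS = {
    "untrusted": ipaddress.ip_network("192.168.10.0/24"),
    "work": ipaddress.ip_network("192.168.20.0/24"),
    "home": ipaddress.ip_network("192.168.30.0/24"),
}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ANY = [ipaddress.ip_network("0.0.0.0/0")]

def decide(rules, dst):
    """First matching rule wins; no match means the packet is dropped."""
    dst = ipaddress.ip_address(dst)
    for action, dests in rules:
        if any(dst in d for d in dests):
            return action
    return "block"

def leaks(policy, internet_probe="203.0.113.10"):
    """List cross-network reachability and any network that lost internet access."""
    problems = []
    for src, rules in policy.items():
        for other, net in NETS.items():
            # Probe one host address inside every other network.
            if other != src and decide(rules, net[10]) == "pass":
                problems.append(f"{src} -> {other}")
        if decide(rules, internet_probe) != "pass":
            problems.append(f"{src} -> internet blocked")
    return problems

# Weak: one "pass to any" rule per network, added just to get internet working.
weak = {name: [("pass", ANY)] for name in NETS}
# Corrected: block all private ranges first, then pass everything else.
fixed = {name: [("block", RFC1918), ("pass", ANY)] for name in NETS}

if __name__ == "__main__":
    print("weak :", leaks(weak))
    print("fixed:", leaks(fixed))
```

On a real firewall, clients that use the router itself for DNS or DHCP also need a pass rule for that traffic above the private-range block.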