W07VH5
I've got the pfSense box running well enough like this. Right now the NAS has a pihole and pivpn (wireguard) running on it so that I can be ok with running my phone on a public WiFi. I've got pfBlockerNG installed on the pfSense box so I may be rethinking that. Truthfully, I like how pihole and pivpn work so I may leave it as is. There are no VLANs set up on the pfSense box, only on the switch. I figured VLANs on the pfSense was unnecessary as I have the 4 port PCIe, each with their own subnet(?), and I've plenty of space on the switch. Is that a mistake? Is there a better way? The family computers and the NAS are on the 192.168.13.0 network. Neither IoT network can ping the LAN or Trusted Wireless network. Should I move the TVs so that the phones on the Trusted Wireless can stream to them? This is my first attempt at securing and setting up the home network beyond sticking a router in there and running everything on 192.168.1.x. Do you see any glaring mistakes? It seems to be working as expected.

The One True IcePick
I'd probably combine the trusted wired/wireless and the IoT wired/wireless and just have a trust subnet and an IoT subnet. I think you are adding complexity without any/enough reduction in risks. That's what I have. I don't stream from phones to TVs, I left my TV on the IoT network.

quarter MOA visionary
^^^^ I agree ^^^^

W07VH5
I think you're both right. I'll just move the WAPs to their respective wired VLANs. Now I've got two extra ports. Any other use for them? Maybe I can use one for a dedicated management port and one for a database server.
|