Home Network Design


sapper6fd

Member
May 21, 2013
48
1
8
Morning all.

So I'm redesigning my home network as I mentioned in a previous post. I have a few questions for you network pros before jumping head first into it.

This is what I want to do

100Mbps Internet Modem
> pfSense firewall

pfSense Firewall
> Apple Airport

Apple Airport
> Laptop (wired)
> PS3 (WiFi)
> MacBook Air (WiFi)
> multiple iPhones (WiFi)
> HTPC (wired)
> Raspberry Pi (wired)
> Netgear 8 Port Gbit Switch

Netgear Switch
> 12TB Freenas Box
> Poweredge 2950 III ESXi box (5 VMs)

I would like the airport to handle the DHCP requests and port forwarding. Can this be done or should I allow pfSense to do it and turn the airport into a dumb switch? If I turn it into a dumb switch, will I still have access to the built-in Apple Time Capsule? (Don't ask - the wife wants it). Most systems are static IPs as it is and I want to keep it that way. The DHCP is for the wife's MacBook and our iPhones.

Is there anything I'm missing or should be taking into consideration?
 

nitrobass24

Moderator
Dec 26, 2010
1,087
131
63
TX
I would put the uplink from pfSense into the Netgear switch and attach your Airport to the switch.

You can still run DHCP on the airport if you want....assuming your networks are on the same subnet.
 

sapper6fd

Ok so taking your comment about plugging into the Netgear switch from the pfSense Firewall, this is what I have come up with. Let's see how it goes.

 

Lost-Benji

Member
Jan 21, 2013
424
23
18
The arse end of the planet
Last time I looked at a bloody Crapple airport, it wanted to be both gateway and DHCP regardless. I won't have a bar of the bloody things.
You have pfSense, let it do what it was intended to do and control the network.
 

RTM

Well-Known Member
Jan 26, 2014
956
359
63
I agree with the others, it is generally a bad idea to double NAT a network, at least performance-wise.
In addition I would connect all wired devices to the switch, which should help with performance to the NAS and the ESXi server.

Furthermore I found a forum thread at apple.com, which should show you how to configure your airport to act as an access point: https://discussions.apple.com/message/18097726#18097726
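
Added example, not part of any post in this thread: a check for the double NAT discussed above, run over the hop addresses a traceroute from a client returns. The sample paths are constructed; 10.0.1.1 (an AirPort left in router mode) and 192.168.1.1 (the pfSense LAN address) are assumed values.

```python
import ipaddress

# RFC 1918 private ranges plus the RFC 6598 carrier-grade NAT range.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify(hop):
    """Return 'private', 'cgnat', 'public' or 'unknown' for one traceroute hop."""
    if hop in (None, "*"):
        return "unknown"          # hop did not answer
    addr = ipaddress.ip_address(hop)
    if any(addr in net for net in RFC1918):
        return "private"
    if addr in CGNAT:
        return "cgnat"
    return "public"


def assess_path(hops):
    """Count private routers crossed before the first public hop.

    Two or more private hops only *suggests* double NAT: routed internal
    VLANs without NAT produce the same picture, so confirm on the devices.
    """
    private, cgnat = [], False
    for hop in hops:
        kind = classify(hop)
        if kind == "public":
            break
        if kind == "private":
            private.append(hop)
        elif kind == "cgnat":
            cgnat = True
    return {"private_hops": private,
            "double_nat_suspected": len(private) >= 2,
            "carrier_nat_suspected": cgnat}


# Constructed sample paths (illustrative addresses, not from the thread).
# Client behind an AirPort in router mode, itself behind pfSense:
ROUTER_MODE = ["10.0.1.1", "192.168.1.1", "*", "203.0.113.1", "198.51.100.7"]
# Same client after the AirPort is switched to bridge mode:
BRIDGE_MODE = ["192.168.1.1", "*", "203.0.113.1", "198.51.100.7"]

if __name__ == "__main__":
    for name, path in (("router mode", ROUTER_MODE), ("bridge mode", BRIDGE_MODE)):
        print(name, assess_path(path))
```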
 

sapper6fd

I would love to toss the airport. Believe me. But for some reason the wife just won't allow it. I'll place it in bridge mode and be done with it for the most part. She can continue to use the Time Capsule portion of it instead of the NAS that I already have on the network. I hate apple systems more than anyone else but if I want to keep my bits where they are, the airport has to stay. A happy wife is a happy life. Lol.

Maybe I'll take a 12 volt battery, attach some wires to it and zap a few points in it. But with my luck she will go out and buy another to be connected to the network.
 

Lost-Benji

ROFLMAO, point taken.

Put it to the side of the network and let her connect to it, if she gets a double-NAT, who cares, she won't know about it. Keep rest clean and proper.
 

sapper6fd

4 hours of work, some troubleshooting and everything is up and running flawlessly. pfSense is working as it should and most importantly, blocking the 6000 or so RDP login attempts in my server Windows 2008 box.