New Hardware Firewall Setup Advice

Hi,

I am planning to set up a home hardware firewall.

MODEM/ROUTER: Telstra Gateway NBN

SOFTWARE: Sophos XG Firewall Home Edition

HARDWARE: Qotom Mini PC Barebone 4 Lan Micro PC AES-NI Dual Core i5 i3 PFsense Firewall Mini Computer Linux Ubuntu Fanless Mini PC Server

SWITCH: TP-Link 5 Port Gigabit Switch (10/100/1000) (unmanaged)

WAP: Ubiquiti UniFi AC Pro AP (with poe injector)

Wifi Requirements: 2 SSIDs on different networks, e.g. Guest Wifi, Personal LAN Wifi.

Would appreciate confirmation on the above software/hardware or any recommendations/advice/changes.

The setup would be:

Modem connects to Mini PC (eth port 1) running Sophos XG Firewall.
Mini PC (eth port 2) connects to switch.
Switch connects to WAP.

Is this correct? What about if I also wanted a PC to connect to the LAN using ethernet, do I need a managed switch for this? Or can I use another port (eth port 3) on the mini PC? Or another port on the unmanaged switch?

Thanks!



  • Hi,

    To make life easier for yourself, make sure the NBN modem is in bridge mode.

    Your proposed setup looks okay, just remember that you cannot manage that AP from the XG. If you want to connect a PC to the XG, just plug it into one of the ports of your 5 port switch.

    Ian

    What speed connection did you get with the NBN and what type of connection? One day I expect I shall see FTTC delivered to my home.

  • Thanks Ian,

    So just to understand, the UniFi AP AC Pro will be managed by the UniFi Network Management Controller software, this software is where I will set up SSIDs etc? (All traffic will still pass through the firewall first, so wifi access/users will still be subject to XG firewall security features?)

    How does the interaction between the firewall and UniFi AP work? Is it just an internet connection being provided to the AP? E.g. do the firewall and AP have the same networks/IP ranges or completely different? Is the DHCP still from the firewall for the wireless devices connected to the AP?

    Would I have both the AP and LAN PCs connected to the same switch? Or have the AP connected to a different port in the firewall?

    1. LAN (ethernet)

    2. Wifi (guest)

    3. Wifi (LAN or other separate network to guest)

    Currently NBN FTTP 50/20.

  • Hi Johnny,

    The AP would plug into your switch and be the same as any other network device. I assume the DHCP server will be on the XG, just be aware that the DHCP server does not have any option settings in the GUI and does not talk to the DNS at this stage.

    How you connect devices to the firewall will depend on what you are trying to achieve, e.g. do you have a printer on your LAN that all devices will want to access? You might need to assign a different IP range on the guest SSID so you can manage the user internet access.

    Ian