Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Cisco SG300 L3 with pfSense firewall configuration help needed :)

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco SG300 L3 with pfSense firewall configuration help needed :)

    I search the forums for a similar topic but didn't find any, as the post is mostly in regards to the Cisco sg300 I think it fits, if n to please advise.

    Hi everyone, first post here

    Bit about myself, 20 years doing IT, zero formal training, just hands on self taught.
    My problem was a very messy, unstructured, not very secure home network using mostly end user hardware. It knowledge is decent but not strong enough to put this all together myself sadly.

    My solution, wall mounted 20U rack and the following hardware in order of connectivity. Done

    isp modem/router in bridge mode. Done
    Supermicro 1U D525 rangeley box with PfSense as firewall only. Done
    24 port patch panel. Done, everything is punched down.
    Cisco SG300 switch currently in L3 mode for my router. Done
    Various PC's in various rooms all wired.
    Various TV's in various rooms, wired and wireless.
    Portable devices with wifi, iPads, iPods etc.
    Asus 68U router in AP mode for kids wifi, lower level
    Dlink router in AP mode for adults wifi, upper level
    Various ip cameras, mostly wired, Shielded cat6.
    One PC currently serving as backup/movies/music server will be a rack mount or two replacing it in the future.

    What I need help with is the exact configuration of the main pieces. My head just swims at the Vlan setup stage!
    What ip should I use for the PfSense firewall and what needs to be set in there for Vlans in the SG300, trunk I think it's called
    What ip to use for the SG300,
    What Vlan configuration should I do for the various pieces.

    I made assumptions upon assumptions but I just get lost. I see on the net that people use things like Vlan .10 for wifi and then Vlan .20 for a file server and Vlan .30 for web server etc but I don't understand why or the impact of those choices.

    I have direct access to all the hardware so I can plug in to any piece and change any settings. I currently have Gui access to pfSense and the SG300, isp modem if I had to but it's bridged already and sending a signal to my pfSense. I'm somewhat hooked up but I won't detail that because I presume it's all wrong and will get blown up on some kind persons advice in here :0

    Any help would be appreciated.

    22 views and counting and no response, I must have something wrong with my post. Let's try something simpler then:

    Isp router
    PfSense box (firewall)
    Cisco sg300 (routing, vlans)

    Can anyone explain briefly what ip addresses and or subnets need to go where in the above hardware configuration please?

    Even a simple hand drawn sketch with a brief explanation of what needs to be done in the PfSense box and in the sg300 box to accomplish my goal. Even just referencing a single vlan setup so that I can see how it is done, play around with it and learn as I go

    Last edited by Compumanis; 25th January 2016, 19:44. Reason: No responses, must have been written poorly I guess