I want some advice about network topology.
I want to set up a small network partitioned into three sub-networks:
DMZ (Eth). Supports incoming connections on specific ports.
Guest (Wifi). Pretty open. Advice?
Private (Wifi + Eth). No incoming connections.
Internet is fibre to ISP with IPoE and VLAN.
##########
I have a variety of networking junk (switches, old routers) that I’ve faithfully hoarded over the years and recently acquired thin clients with (soon to be) dual ETH ports:
1 x HP t520
1 x HP t620 (dual core, regular version)
2 x HP t630
I hope to arrange two or more of these to provide the required sub-networks.
Hi, to do what you ask I would use IPFire, with 3 networks:
the red, the green and the blue.
The red as DMZ.
The green as the private network, with a dedicated Wi-Fi access point.
The blue with a dedicated access point.
This way you can make different rules for the green and blue networks.
HP t620 running IPFire. Red = Router ETH switch. Green = Private.
HP t520 running IPFire. Red = Router ETH switch. Green = DMZ.
In terms of hardware I want simple, reliable, and fast-enough.
I have a mini PCIE ETH card that works on the t620 (Realtek 8111H), but not the t520 (BIOS reboot loop).
I have a different brand PCIE ETH card (Realtek 8111H) on order for the t520 and a separate order for an M2 ETH card (I210at) for the t630. It seems to be hit and miss with these things. I pulled the t620 apart. My example uses a Realtek 8151GH.
Hi,
I would pass all the traffic through IPFire.
This way you can manage it with your rules.
But it is one of the possible solutions, and it depends on what you want to do.