Cisco SG300 L3 with pfSense firewall configuration help needed :)

  • Compumanis

    I searched the forums for a similar topic but didn’t find any. As the post is mostly in regards to the Cisco SG300, I think it fits; if not, please advise.

    Hi everyone, first post here :)

    Bit about myself, 20 years doing IT, zero formal training, just hands on self taught.
    My problem was a very messy, unstructured, not very secure home network using mostly end user hardware. IT knowledge is decent but not strong enough to put this all together myself sadly.

    My solution, wall mounted 20U rack and the following hardware in order of connectivity. Done

    ISP modem/router in bridge mode. Done
    Supermicro 1U D525 rangeley box with pfSense as firewall only. Done
    24 port patch panel. Done, everything is punched down.
    Cisco SG300 switch currently in L3 mode for my router. Done
    Various PCs in various rooms, all wired.
    Various TVs in various rooms, wired and wireless.
    Portable devices with wifi, iPads, iPods etc.
    Asus 68U router in AP mode for kids' wifi, lower level
    Dlink router in AP mode for adults' wifi, upper level
    Various IP cameras, mostly wired, shielded Cat6.
    One PC currently serving as backup/movies/music server will be a rack mount or two replacing it in the future.

    What I need help with is the exact configuration of the main pieces. My head just swims at the VLAN setup stage!
    What IP should I use for the pfSense firewall and what needs to be set in there for VLANs in the SG300? Trunk, I think it’s called.
    What IP to use for the SG300?
    What VLAN configuration should I do for the various pieces?

    I made assumptions upon assumptions but I just get lost. I see on the net that people use things like VLAN .10 for wifi and then VLAN .20 for a file server and VLAN .30 for web server etc., but I don’t understand why or the impact of those choices.

    I have direct access to all the hardware so I can plug in to any piece and change any settings. I currently have GUI access to pfSense and the SG300, and the ISP modem if I had to, but it’s bridged already and sending a signal to my pfSense. I’m somewhat hooked up but I won’t detail that because I presume it’s all wrong and will get blown up on some kind person’s advice in here :0

    Any help would be appreciated.

    22 views and counting and no response, I must have something wrong with my post. Let’s try something simpler then:

    ISP router
    pfSense box (firewall)
    Cisco SG300 (routing, VLANs)

    Can anyone explain briefly what IP addresses and/or subnets need to go where in the above hardware configuration please?

    Even a simple hand drawn sketch with a brief explanation of what needs to be done in the pfSense box and in the SG300 box to accomplish my goal. Even just referencing a single VLAN setup so that I can see how it is done, play around with it and learn as I go :)

