Hey everyone,
I made this thread once before but some things have changed so I need more help. I have a pretty vanilla setup here. I don't think it's anything unusual. I am looking for "best practices" when dealing with clients, servers, virtual guests, DMZ, etc. Does anyone have any examples (hopefully network diagrams) of how a home lab network should be set up? Thanks!
I have it all working right now but I'm not happy because I know it's not secure. I don't have a DMZ or VLANs set up. There is no NAT. Everything has routes set up. Basically I have it set up very simple like this:
PHYSICAL:
Code:
10.0.0.0/24 - ASUS RT-N16 and all wired/wireless devices
10.0.0.1 - Gateway for wired/wireless devices (this is the ASUS)
10.0.0.10 - ESXi vmnic0 (vSwitch0) - Dedicated for VMKernel management
10.0.0.254 - ESXi vmnic1 (vSwitch1) - only pfSense gateway has access and this is its WAN IP
10.0.0.100-150 - DHCP for clients
INSIDE THE ESXi ALL IN ONE: All network traffic stays virtualized within the box, with the exception of the pfSense's WAN
Code:
10.0.1.0/24 - All ESXi guests are connected to vSwitch5 (no physical NIC)
10.0.1.254 - Gateway for all virtual guests (pfSense 2.0 virtualized, WAN port is the ASUS above)
10.0.1.100-150 - Server range
I have available to me:
- My ISP's cable modem w/ single port
- ASUS RT-N16 Router (4x GigE ports) running Tomato firmware (VLAN capable)
- Linksys WRT54G Router (4x 100Mbit ports) running Tomato firmware (VLAN capable)
- 8-port unmanaged gigabit switch
- Netgear 48-port Managed Switch (old as hell, GUI sucks, don't really want to use it)
- ESXi/Solaris "All in One" which has:
  - 4 Gigabit NICs
  - 20 virtual guests, 5 of which provide services to the internet and should be in DMZ
- Multiple client machines/wireless devices in trusted private LAN