I currently have an Atom 945GCLF board running a 2GB CF card, with 2GB of DDR2 667 and a Soekris 4 port ethernet card. I use m0n0wall as a NAT/VPN server with one ethernet port going to a wireless bridge, one to the cable modem and one to an unmanaged Netgear gigabit switch, and it works beautifully. However, I was wondering if it would be possible to make it... well, a little [H]arder. My desktop is a power hog; however, I use it as a network file and print server, so it's on all the time. (An aside: if you're in the market for a network laser printer, be aware that the HP P2015n has an undocumented "feature" where it will drop packets from outside its subnet.)
What I would like to do would be to replace that Atom's Soekris card with an Intel single port pro/1000 card, install a 500GB SATA hard drive, and then install VMware ESXi onto a replacement 2GB CF card. I would then use a Netgear GS108T and VLANs to partition the wireless, LAN, and WAN connections into different subnets and VLANs, and then install and configure m0n0 in a VM. I would then install FreeBSD (in a VM) onto the 500GB, and use that as the server. However, I'm a complete VLAN and VMware noob.
Is this setup realistic? Is segmenting the cable modem and wireless connection onto their own VLANs as secure as keeping them behind their own ports, like I have now? Are there any new security risks introduced along with this setup? I've seen forum posts indicating that ESXi will run on that motherboard, but will it install on a 2GB Flash module and run correctly? Will DHCP with Comcast work with such a setup?
Bonus picture of my current setup: