Guys,
need your advice.
I am looking to change our network environment at home because of the Solar Inverters we are getting and also family is asking to be allowed to use our Wifi when they come over ;)
Network layout will look something like this with the OpnSense Firewall only having 2 Ports
(https://i.ibb.co/c3z9GGD/Network-Layout.png)
Main switch will have these devices connected approx
(https://i.ibb.co/Sr1FwHc/main-switch.png)
2nd Switch
(https://i.ibb.co/Gt01BKm/Switch-2-living.png)
3rd Switch
(https://i.ibb.co/5KnpPtB/Switch-3.png)
As you can see I am looking to divide it in to VLANS
VLAN 10
- Management
(for example Switches, Main PC)
VLAN 20
- Laptop
- NAS
- WAP (VLAN Aware) for Trusted Devices
- Mobile Devices
- etc
Vlan 30
- Test devices
Vlan 55
- WAP for Untrusted Devices (WAP = VLAN Aware)
- Guest Devices, Mobile Phones etc
- etc
Vlan 65
- Solar Inverters
- etc
I am thinking of using these DHCP ranges
VLAN10 10.125.10.1 - 10.125.10.255 /24
VLAN20 10.125.20.1 - 10.125.20.255 /24
VLAN30 10.125.30.1 - 10.125.30.255 /24
VLAN55 172.25.55.1 - 172.25.55.255 /24
VLAN65 172.25.65.1 - 172.25.65.255 /24
Any comments are more then welcome
TiA
Edit: Switches are all Managed Switches and L2.
And this is the proposed OpnSense Firewall setup
Explanation
10,20,30,55,65 = VLAN ID
(https://i.ibb.co/0G5bFBq/firewall.png)
Any comments are appreciated