Messages

1

Virtual private networks / Re: Recommended VPN Provider | (Renewal Coming up)

« on: September 05, 2023, 05:00:05 pm »

So, I've yet to begin my OPNsense journey as I'm waiting for the last bit of hardware to arrive; however, I'm continuing with the preparation/planning phase in the interim.

ISP Internet Plan | AT&T 500 Fiber Plan

My SurfShark VPN Subscription ends on 3/2024 & I'm looking to identify if I should stay or go to a different provider based on the following scenarios.

1. My Setup will closely be modeled following: https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support/

1b. For the VPN side (wireguard) , also will reference: https://www.reddit.com/r/OPNsenseFirewall/comments/vljmq5/opnsense_selective_routing_over_nordvpn/ & https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

2. I will always have devices like my unraid/jellyfish NAS in the VPN Network VLAN group and the VM in the proxmox server used to acquire/download the media.

For streaming/torrenting, is SurfShark still an acceptable choice for this use case? ( I Realize port forwarding for torrenting is super important from a speed perspective)

**Looks like Nord, PIA & Mullvad have good documentation however Mullvad seems to be a favorite from a privacy and price perspective.

2

Virtual private networks / Recommended VPN Provider | (Renewal Coming up)

« on: September 04, 2023, 04:45:32 pm »

So, I've yet to begin my OPNsense journey as I'm waiting for the last bit of hardware to arrive; however, I'm continuing with the preparation/planning phase in the interim.

ISP Internet Plan | AT&T 500 Fiber Plan

My SurfShark VPN Subscription ends on 3/2024 & I'm looking to identify if I should stay or go to a different provider based on the following scenarios.

1. My Setup will closely be modeled following: https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support/

1b. For the VPN side (wireguard) , also will reference: https://www.reddit.com/r/OPNsenseFirewall/comments/vljmq5/opnsense_selective_routing_over_nordvpn/ & https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

2. I will always have devices like my unraid/jellyfish NAS in the VPN Network VLAN group and the VM in the proxmox server used to acquire/download the media.

For streaming/torrenting, is SurfShark still an acceptable choice for this use case? ( I Realize port forwarding for torrenting is super important from a speed perspective)

**Looks like Nord & PIA have good documentation however Mullvad seems to be a favorite from a privacy and price perspective.

3

General Discussion / Home Network | Preparation

« on: August 27, 2023, 01:53:19 am »

Currently I'm stuck with AT&T 500 Fiber, utilizing their BGW320-505 Modem/Router Gateway Device.

My goal is to setup OPNsense on a N100 Appliance to sit behind the BGW320 Gateway, using a 5-port TP Link Smart Managed Switch & EAP620HD AP to give Wifi access to the rest of the devices in my home.

Hardware List:

"Barebones" N100 unit here:
https://www.aliexpress.us/item/3256805482073699.html?spm=a2g0n.productlist.0.0.1850263fxK2dx1&browser_id=816de12586f74033a8a197c296c52431&aff_platform=msite&m_page_id=puhyysaagcardzqx18a2fc5a7ee113ec3f4b1b1694&gclid=&pdp_npi=4%40dis%21USD%21229.20%21119.18%21%21%21229.20%21%21%40211bc2a016930185973622277d07a1%2112000033953188056%21sea%21US%212748491881%21A&algo_pvid=7ed4c822-80c2-45ec-a96f-c0539127ee1b

Added the following upgrades to the appliance:

1x 970 1Tb M.2 (Samsung)- https://www.amazon.com/gp/product/B07MFZY2F2/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1

1x 32Gb DDR5 4800Mhz Ram
https://www.amazon.com/gp/product/B09RVNMGFH/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1

Network:

1x 5 Port TP Link PoE Smart Managed Switch
https://www.amazon.com/gp/product/B0BWSWLV7L/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1

1x TP Link EAP 620HD AP
https://www.amazon.com/gp/product/B09WV3X1N7/ref=ppx_yo_dt_b_asin_title_o01_s00?ie=UTF8&psc=1

Two video tutorial resources I'll be using:

1. Setup BGW320 in "Passthrough Mode" (https://www.youtube.com/watch?v=aShbl1JZMx8)
2. Install & Setup OPNsense on Topton N100 Appliance(https://www.youtube.com/watch?v=54JWsGedXpo (4-Part Video Series)

Network Topology/Specifications:

1. "Trusted" VLAN(10) for most of the computers, laptops, phones in home.
2. "Untrusted" VLAN (20) for IoT devices, TVs ect.
3. "Guest" VLAN(30) for any temporary devices
4. "Management" VLAN (40) to access OPNsense, Switch, and Router Interfaces?
5. "Lab" VLAN (50) For everything else I may dork around with.

*Will need to be able to setup Wireguard VPN Server w/ Surfshark to Route either by device or VLAN potentially. Im hesitant to route all of VLAN(10) through.

*Will need to setup ZenArmor & AdGuardHome

--This is more or less serving as a way to organize my thoughts, receive constructive feedback & suggestions as I drive myself and my family nuts implementing this

4

Hardware and Performance / Re: N100 box or self build?

« on: August 26, 2023, 07:48:53 pm »

Overkill

Why not both?
My dual core VM using 1 GB of its allocated 4 GB RAM in under 50 GB of disk space serves a domestic gigabit connection with four users.

Are you sure of your requriements?

Bart...

Decided to go with the "Barebones" N100 unit here:
https://www.aliexpress.us/item/3256805482073699.html?spm=a2g0n.productlist.0.0.1850263fxK2dx1&browser_id=816de12586f74033a8a197c296c52431&aff_platform=msite&m_page_id=puhyysaagcardzqx18a2fc5a7ee113ec3f4b1b1694&gclid=&pdp_npi=4%40dis%21USD%21229.20%21119.18%21%21%21229.20%21%21%40211bc2a016930185973622277d07a1%2112000033953188056%21sea%21US%212748491881%21A&algo_pvid=7ed4c822-80c2-45ec-a96f-c0539127ee1b

Added the following upgrades to the appliance:

1x 970 1Tb M.2 (Samsung)- https://www.amazon.com/gp/product/B07MFZY2F2/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1

1x 32Gb DDR5 4800Mhz Ram
https://www.amazon.com/gp/product/B09RVNMGFH/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1


Network:

1x 5 Port TP Link PoE Smart Managed Switch
https://www.amazon.com/gp/product/B0BWSWLV7L/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1

1x TP Link EAP 620HD AP
https://www.amazon.com/gp/product/B09WV3X1N7/ref=ppx_yo_dt_b_asin_title_o01_s00?ie=UTF8&psc=1

5

Hardware and Performance / Re: Alder Lake N100 fanless build

« on: August 26, 2023, 03:05:58 pm »

Just confirming is the N100 still the best value/performance at the moment?

Thanks again

I read https://www.servethehome.com/fanless-intel-n100-firewall-and-virtualization-appliance-review/ and went with N100. It‘s working great, full 2.5G throughput with Zenarmor.

Great to hear, should be more than enough then for my home network it seems.

6

Hardware and Performance / N100 box or self build?

« on: August 26, 2023, 04:57:56 am »

Was trying to weigh the pros/cons and price/performance of purchasing a barebone N100 then adding up to 32Gb RAM & 1Tb m.2 https://www.aliexpress.us/item/3256805482073699.html?spm=a2g0n.productlist.0.0.1850263fxK2dx1&browser_id=816de12586f74033a8a197c296c52431&aff_platform=msite&m_page_id=puhyysaagcardzqx18a2fc5a7ee113ec3f4b1b1694&gclid=&pdp_npi=4%40dis%21USD%21229.20%21119.18%21%21%21229.20%21%21%40211bc2a016930185973622277d07a1%2112000033953188056%21sea%21US%212748491881%21A&algo_pvid=7ed4c822-80c2-45ec-a96f-c0539127ee1b

Or building something like this (Overkill)
https://pcpartpicker.com/user/Guavy/saved/qPKmLk

7

Hardware and Performance / Re: Alder Lake N100 fanless build

« on: August 26, 2023, 03:48:15 am »

Considering getting something similar from AliExpress, https://www.aliexpress.us/item/3256805482073699.html?spm=a2g0n.productlist.0.0.6ade263fasMk0y&browser_id=816de12586f74033a8a197c296c52431&aff_platform=msite&m_page_id=puhyysaagcardzqx18a2f8579a51ef7313e720b9d2&gclid=&pdp_npi=4%40dis%21USD%21229.20%21119.18%21%21%21229.20%21%21%402122436b16930143912156686d0880%2112000033953188056%21sea%21US%212748491881%21A&algo_pvid=2c8381bb-b158-49f4-b7bc-e9379a7a7dbd

Just confirming is the N100 still the best value/performance at the moment?

Thanks again