Good/bad practice: WAN and LAN on the same layer 2 switch

Started by aoikite, February 13, 2024, 09:33:20 PM

Hello everyone.

A "genius idea" went through my head while thinking about my soon-to-be next setup.

Both pieces of hardware I'm going with are laptop-based CPUs with AES-NI support, but unfortunately, the desktop motherboard version has a bad BIOS which does not allow the use of AES-NI, so I thought about this:

Since I don't have a managed switch, I can let my modem (TD-W8901G, an old ADSL2+ modem, it does the job for what we have) initiate the PPPoE connection but disable DHCP, and maybe NAT too (and leave it on the same subnet or put it in a different one if possible), and somehow tell OPNsense to route traffic to its IP as its WAN interface in DHCP mode.

And if this idea works, I can connect the 4G modem the same way and have failover/load balancing.
I don't know if it's even possible, but here's a graph.

The questions are:
1- Is it feasible?
2- Is it secure? The ADSL and 4G modems are the connection initiators; OPNsense connects to them as a "simple client" via DHCP.

This would solve the choice of hardware I have on my hands (and hopefully avoid me spending money I don't have for now lol), but worst case scenario I can just forget about AES-NI in the future.

Thank you guys for your future answers, hopefully ^^.

Some axioms:

- You need a router to connect LAN to WAN and enforce a security policy.
- A router needs two interfaces, at least logically.
- Without a VLAN capable switch, you need two physical interfaces.

Depending on the hardware, that means something like an M.2 or USB ethernet adapter. Neither of which are expensive, but neither is a managed switch.

I wouldn't worry too much about AES compared to the basic connectivity ;)

Bart...
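
The axioms in the reply above can be checked with a small model of who receives a client's frame on a shared switch. This is an added example, not code from either poster; the addresses, host names and the simplified ARP/gateway logic are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Host:
    name: str
    iface: str    # address/prefix on the shared switch (constructed values)
    gateway: str  # default gateway the host is configured with

    @property
    def ip(self):
        return ipaddress.ip_interface(self.iface).ip

    @property
    def net(self):
        return ipaddress.ip_interface(self.iface).network

def next_hop(src, dst_ip, segment):
    """Name of the device on the switch that receives src's frame for dst_ip."""
    dst = ipaddress.ip_address(dst_ip)
    # On-link destinations are ARPed for directly; everything else goes to the gateway.
    target = dst if dst in src.net else ipaddress.ip_address(src.gateway)
    return next((h.name for h in segment if h.ip == target), "unreachable")

def bypasses_firewall(src, dst_ip, segment, firewall="opnsense"):
    """True when the frame is delivered to something other than the firewall."""
    return next_hop(src, dst_ip, segment) not in (firewall, "unreachable")

# One unmanaged switch, one subnet: modem, single-NIC OPNsense and clients together.
MODEM = Host("modem", "192.168.1.1/24", "192.168.1.1")
FW = Host("opnsense", "192.168.1.2/24", "192.168.1.1")
PC = Host("pc", "192.168.1.50/24", "192.168.1.2")          # uses the firewall
PC_DIRECT = Host("pc2", "192.168.1.51/24", "192.168.1.1")  # gateway set to the modem
FLAT = [MODEM, FW, PC, PC_DIRECT]

# Two firewall interfaces: the modem sits behind the WAN port, off the LAN switch.
SPLIT = [FW, PC, PC_DIRECT]

if __name__ == "__main__":
    internet = "203.0.113.10"  # documentation address standing in for any WAN host
    for label, seg in (("flat", FLAT), ("split", SPLIT)):
        for src in (PC, PC_DIRECT):
            for dst in (internet, "192.168.1.1"):
                print(label, src.name, "->", dst, "via", next_hop(src, dst, seg),
                      "bypass" if bypasses_firewall(src, dst, seg) else "")
```

In the flat layout the firewall's policy only applies to hosts that choose to send traffic through it; with the modem moved behind a second interface (or a VLAN), every path to it crosses OPNsense.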