Hi guys,
I am busy with the planning stages of a network that I am looking to set up for a start-up I am involved with.
Currently we are running the following hardware:
- 1 x D-Link DSL-2500u ADSL Modem
- 1 x TP-Link 24 port unmanaged gigabit switch
- 3 x UniFi AP
- 1 x FreeNAS server for storage
- 1 x MS Server 2012 R2 running Domain Controller, RADIUS server, DHCP, Routing and Remote Access and a bunch of other services.
At the moment, everything is set up quite basically, with all the nodes plugging in directly to the 24 port switch.
I have no VLANs set up at the moment and all nodes can communicate freely as they are all assigned addresses in the same 192.168.0.* range. Once connected to the network, there are currently minimal access controls in place, no VLANs, etc.
I would like to implement the following technologies on this network, but I seem a bit overwhelmed with options and lack experience in deploying anything more complex than what I currently have.
The target structure for the network would need the following measures in place:
- A guest VLAN network (possibly only wireless but looking at also deploying 802.1x on the wired network connections), with access to only some of the services available - these would include: internet, a captive portal (busy developing this currently), as well as Plex.
- A corporate VLAN with access to file shares (still need to configure integration of FreeNAS and AD), all other services running on the network - This may still in future get segregated into additional separate VLANs based on divisions, etc.
One thing that I need to mention is that the future structure will be used to serve VMs to "thin" clients, so latency and throughput will be quite essential. Initially the VM load will not be too heavy, but with time I am looking at supporting a nationally distributed network of clients connecting to VMs on the network. When the time does come (hopefully sooner rather than later) I will be investing in upgrading to a synchronous connection (fibre) to support employees logging in remotely to VMs to perform their duties.
What managed switch should I get to achieve what I want to achieve? This entire project is still in quite an early start-up phase, so keeping costs down is a high priority. I am more than willing to consider second-hand units, but in terms of the network, I would like to keep the network running at a minimum of 1 Gbps as far as possible.
I realise that the built-in NAT firewall on the poor D-Link router is being a bit overloaded with traffic as it is, and I am seriously considering deploying something like pfSense as a firewall/gateway to replace the existing setup.