Post by Deleted on Aug 2, 2021 20:25:29 GMT
So, this is happening. Still haven't decided on how to distribute wireless, but I guess for the time being I can just turn my newer old router into another AP.

Installed the cabinet into the wall today, and ran electric for an outlet in the cabinet to an inlet at standard outlet height. Why inlet? I already own a UPS for this, but it is too large to go in the cabinet. It will sit on a shelf or chest of drawers, not sure yet, but the power has to get from the UPS to the cabinet. Thus, wall feeds UPS > UPS feeds inlet > inlet feeds cabinet outlet > cabinet has UPS juice.

Halfway through with the new coaxial runs - one for HD antenna (for HDHomeRun) and one for internet (no good fiber option in my neighborhood yet). Two of the 5 cat runs are into the box, the easiest (entertainment area) and the two longest (office) remain. Double-pumping my office so that my gaming PC can be direct to the router, whereas the printers and switch currently there will be from a separate line. This is called overkill.

Anyways, this is a nice feature for your home in my opinion. I will share a finished pic once everything is there, but for now enjoy a very boring beginning.

This will be a two-day project for me, because I am not in a rush for once and also it is my house, so taking extra time because I can.

Very fancy labeling system on the coax. Can't see it on the Cat6 but it's there.

... Final population of this box - one Netgear modem, one Netgear 5 port switch, Netgate SG2100 router, HDHomeRun. Not doing a wired patch panel, I might want to have flexibility there.
|
Post by Deleted on Aug 3, 2021 16:17:55 GMT
I have to reroute one cable back to the enclosure, and then all the cables are run. Today is cable terminating day - have to put RG6 connectors on the coax at each end, and cat6 will need to be terminated to keystones at the service end, and connectors at the feed.

It will also be a software testing day, need to dig into the basics of the SG2100 and get it set up with the basics so I can make an easy swap. I haven't used pfSense before, so I have some reading and experimenting to do, but the gist of it (as many of you know) is to get everything named properly at the router and assign my static addresses to that named equipment. This is for simplicity, and serves a security purpose - anything without a name (only an IP address and MAC id) is either a guest or a rogue that needs to be crushed.

I love and hate this part. Cat6 connectors force you to be methodical, and preparing the wires is key. I have learned over time that you just need to slow down, and it works a lot better. I use pass-thru style clamshells, so getting the wires untwisted and straightened up nicely without enough "memory" to start twisting again as you try to push them through, is everything. If you haven't done this before, the cost is in the tools (have to have a special crimper that also cuts as it crimps), but it is quite easy to do. The mistake most rookies make is not pulling the cable through all the way, so that the outer PVC jacket of the cable is inside the body beyond the crimping line. If you don't bite the jacket, you have two problems - 1) there is no strain relief, that connector will come off eventually or right away, and 2) you have too much untwisted pair exposed out of the jacket.

Cat6 is fascinating stuff. Each pair of cables (there are 4 pairs, total of 8 wires) is twisted at a different twist rate. This is to reduce interference (and potential packet loss) from electromagnetic radiation. This is known as cross-talk, but it is all electrons baby, thus my use of EM for description. The higher grade cables increase the distance between the pairs with better isolation to further minimize this potential issue.

Anyways, that's my update for the day. Running ~600 feet of cat and coax yesterday, and dressing it all properly in the joists in the garage and then over the suspended ceiling in the basement, has left me a little spent. I hope to terminate the cables at least today, and finish the installation on Wednesday. Then I can get back to the Carnifex!
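
The check described in the post above (named equipment versus unnamed guests or rogues), sketched as an added example that is not the poster's or pfSense's own code. It assumes the DHCP server keeps its leases in ISC dhcpd.leases syntax; the lease data and the `INVENTORY` mapping are constructed.

```python
import re

# Constructed sample in ISC dhcpd.leases syntax; every address, MAC and
# hostname below is made up for this example.
SAMPLE_LEASES = """
lease 192.168.10.21 {
  binding state active;
  hardware ethernet 3c:52:82:aa:10:01;
  client-hostname "gaming-pc";
}
lease 192.168.10.57 {
  binding state active;
  next binding state free;
  hardware ethernet 02:1a:7f:00:9c:e4;
}
lease 192.168.10.58 {
  binding state free;
  hardware ethernet 00:11:32:55:66:77;
  client-hostname "old-laptop";
}
lease 192.168.10.60 {
  binding state active;
  hardware ethernet B8:27:EB:12:34:56;
  client-hostname "laserjet";
}
"""
# Hypothetical inventory: MAC address -> name assigned at the router.
INVENTORY = {"3c:52:82:aa:10:01": "gaming-pc", "b8:27:eb:12:34:56": "pihole"}

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
FIELD_RE = re.compile(
    r'^\s*(binding state|hardware ethernet|client-hostname)\s+"?([^";]+)"?;', re.M)

def parse_leases(text):
    """Yield (ip, state, mac, hostname) for every lease block in text."""
    for ip, body in LEASE_RE.findall(text):
        f = dict(FIELD_RE.findall(body))
        mac = f.get("hardware ethernet", "").lower()
        yield ip, f.get("binding state"), mac, f.get("client-hostname")

def audit(text, inventory):
    """Return (ip, mac, reason) for active leases the inventory cannot explain."""
    findings = []
    for ip, state, mac, host in parse_leases(text):
        if state != "active" or not mac:
            continue  # free or expired leases are history, not current devices
        if mac not in inventory:
            # Bit 0x02 of the first octet marks a locally administered MAC,
            # as used by clients that randomise their address per network.
            local = int(mac[:2], 16) & 0x02
            findings.append((ip, mac, "unnamed-local-mac" if local else "unnamed"))
        elif host and host != inventory[mac]:
            # A named MAC announcing another hostname: the MAC is only a
            # claim made by the client, so this pairing deserves a look.
            findings.append((ip, mac, "name-mismatch"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_LEASES, INVENTORY), sep="\n")
```
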
|
Post by Deleted on Aug 5, 2021 18:18:24 GMT
Sigh. Managed to staple through one of my longer Cat6 runs today. It is the worst feeling. Anyways, it was a secondary line for my lab PC and printers. I cut it, and will just throw a coupler up there... but it is in the ceiling. Not the easiest place to wire on a connector.

Had to do a little fabrication yesterday... they do not make power inlets for indoor use. I didn't want to open up my wall further to install an outdoor-style junction box for the inlet that I purchased, so I had to get creative. Got a blank steel faceplate and drilled it out, looks pretty good imo. Will post pics later.

I ended up purchasing the Netgear Nighthawk Wifi6 Mesh 2-pack for wireless. So, everything is purchased, and final installation will be done soon.
|
Post by Deleted on Aug 6, 2021 21:50:40 GMT
So, I apologize for the broken links in this thread. I will fix them eventually, but I deleted things to make a proper album of this project, because it is now finished. Rather than posting all of the images here again, here is a link to the photo album if you are interested in seeing the whole thing. I will just leave two images here...

This is what happens when you have been dicking around too much with fabrication and lose track of the time. The wife wants to consume content, and she wants to consume it now! So, I did some quick and dirty couplers and the old router and give her the Hulk - "I see this as an absolute win!"

Finished result! Looks nice with the door closed.
|
Post by Deleted on Aug 6, 2021 21:55:54 GMT
Also dropping these here, sorry to be a liar. This is for the benefit of anyone here that DIYs this stuff. You should always have the outer jacket inserted past the crimping point when you are terminating your own cabling. It is definitely made easier with pass-thru EZ clamshells like I use.
|
Post by Deleted on Aug 8, 2021 19:41:15 GMT
Paging rewindbutton, regack, bmwcrazy, and if anyone knows other people that might be knowledgeable about networking stuffs, please let me know who they are so I can invite them - I have had my eyes opened, again, to the many deeper worlds that exist beyond what I typically do with networking and routing. I am just now grasping the actual difference between routing and the firewall, thanks to the overwhelming configurability of pfSense software. I am kind of intimidated, and also excited by the possibilities I see. But I have a lot to learn and understand, just to be base-level competent.

So, as I usually do, I am wordy in preface, but the question is, anybody familiar with pfSense?

Goals:
- Create VLAN for IoT devices
- Create VLAN for gaming PC and PS3
-- Gaming PC needs full access to private network though
- Re-establish Pi-Hole adblocking while still using pfSense as DNS resolver

I have a pretty good guide for the last one: blog.flippedbits.io/2020/07/wrangling-dns-on-your-network-part-1-pi-hole/

The others, uh, yeah... we use simple switches and let the lighting console be the WAN, so VLAN is new to me.

What I have found, in short, is that as usual despite being a go-to guy for this kind of stuff from friends and family and always getting them through their issue, I am hardly an expert on this aspect.

Jackass of all trades ;_;
|
Post by rewindbutton on Aug 9, 2021 8:04:16 GMT
Thanx for tagging, but I'm pretty useless atm. My already poor eyesight decided to crap on me and now I have difficulty reading and writing.

Nope, haven't used Pi-Hole either.

> - Create VLAN for IoT devices
> - Create VLAN for gaming PC and PS3
> -- Gaming PC needs full access to private network though

How this used to work was, you created an administrative VLAN for admin, and two user VLANs. This is done in the router. Then configure the switch accordingly. You will need a switch that supports VLAN tagging though, simple switches won't do.

> I am hardly an expert on this aspect.

I should be, I suppose, but I've done this only in a Cisco environment.

Aren't we all.
|
Post by Deleted on Aug 9, 2021 15:34:35 GMT
^^^ ah so.
I will need to swap that switch out, and the others I suppose too. Well sonofa! Thanks for this crucial little bit, I would have banged my head later for sure.
I am very sorry to hear about your sight failing you... that is a lot to go through I imagine.
|
Post by rewindbutton on Aug 9, 2021 18:52:47 GMT
> I am very sorry to hear about your sight failing you... that is a lot to go through I imagine.

Thank you, it's been a hurdle. I'm hoping this latest development can still be reversed.
|
Post by regack on Aug 9, 2021 23:20:13 GMT
I've not used either Pi-Hole or pfSense, and at work we have a couple of network engineers to handle all of the Cisco stuff so I'm probably not the best to answer, but I'll ramble on with some extraneous thoughts anyway.

On a partially related note, I can say that I know enough Cisco to be dangerous, but I also know enough IT to know that I'm dangerous and that I should tag the engineers when it's more than 'shut/no shut'.

If you already have some random crap lying around, maybe a clumsier way to handle it is to use multiple network adapters in the machine running pfSense and each physical adapter could be one of the subnets dividing your traffic into a DMZ for your IoT stuff, a network for PS/Pc, and the porn stash inbound/outbound internet connection.
|
Post by Deleted on Aug 10, 2021 0:48:38 GMT
> I've not used either Pi-Hole or pfSense, and at work we have a couple of network engineers to handle all of the Cisco stuff so I'm probably not the best to answer, but I'll ramble on with some extraneous thoughts anyway. On a partially related note, I can say that I know enough Cisco to be dangerous, but I also know enough IT to know that I'm dangerous and that I should tag the engineers when it's more than 'shut/no shut'. If you already have some random crap lying around, maybe a clumsier way to handle it is to use multiple network adapters in the machine running pfSense and each physical adapter could be one of the subnets dividing your traffic into a DMZ for your IoT stuff, a network for PS/Pc, and the porn stash inbound/outbound internet connection.

Stash... amateurs have stashes.

I won't have to replace every switch, and it isn't like there are a ton. Gaming PC has direct line from pfSense firewall/router, but thinking it through, better to replace all 3 of my down-line switches and especially the 4th switch (in the enclosure). It's all good. I can sell my simple switches easily, we use them constantly at work so I'm not losing much. Probably net added expense of another $60, which I can swing.
|
Post by rewindbutton on Aug 10, 2021 8:00:42 GMT
> I know enough Cisco to be dangerous

Sees this, types: privilege exec level 2 enable
|
Post by nanotm on Aug 10, 2021 8:43:30 GMT
Cheap and dirty way to do this is set up 2 or 3 address brackets on your router. I put all the kids' devices on 192.2.1.50>80 while the set top boxes were on 192.3.1.150>160 and my stuff was on 192.1.1.200>220, but then my router supported multi network and device assignment... I stopped splitting the network though once the kids figured out how to get around it all and started messing things up just to watch P0rn...
|
Post by Deleted on Aug 10, 2021 20:25:17 GMT
> Cheap and dirty way to do this is set up 2 or 3 address brackets on your router. I put all the kids' devices on 192.2.1.50>80 while the set top boxes were on 192.3.1.150>160 and my stuff was on 192.1.1.200>220, but then my router supported multi network and device assignment... I stopped splitting the network though once the kids figured out how to get around it all and started messing things up just to watch P0rn...

This is interesting, how did you set your subnet mask for this? I ask, because you broke up a single IP range (1-254) and used it over several "networks" (192.1, 192.2, 192.3). Was your PC, 192.1.1.201, masked as 255.0.0.0 and the others masked more restrictively? Your numbering seems strange to me, and I ask not because I think it is wrong or strange. I ask because I am ignorant and trying to fix it.

ALTBOULI - Netgear Nighthawk Wifi6 Mesh (2pack) is what I got for Wifi. About the price of a new gaming router, my wifi at home now has one SSID and devices that use wifi switch seamlessly when going outdoors or downstairs. Speed is mostly the same (I replaced an AC3200 router that was high quality) for the upstairs clients, vastly improved for the downstairs. Setting it up in AP mode without the Android app (GRRRRRRR) was a bit of a pain, but that was partially due to how pfSense assigns DHCP leases and my temporary ignorance on how to assign statics.
|
Post by regack on Aug 11, 2021 1:00:24 GMT
> > I know enough Cisco to be dangerous
>
> Sees this, types: privilege exec level 2 enable

configure revert now? For some reason my account is 15, I don't even know why.
|
Post by Deleted on Aug 11, 2021 1:31:54 GMT
So, Cisco heads. I just looked at their free online courses. The intro course is 70 HOURS. It covers things I probably mostly already know, from the description, but I imagine it would still be worthwhile. 70 HOURS.

They have a lot of free training online. Quite interesting.
|
Post by rewindbutton on Aug 12, 2021 6:43:27 GMT
> > Sees this, types: privilege exec level 2 enable
>
> configure revert now? For some reason my account is 15, I don't even know why

That does it: username regack privilege 1 password dontforgetit

Sloppy security policy; one of my pet peeves.
|
Post by rewindbutton on Aug 12, 2021 6:47:49 GMT
> I just looked at their free online courses.

I would study the free courses first, just to see how they suit you.

> They have a lot of free training online. Quite interesting.

I highly recommend reading the stuff.
|
Post by nanotm on Aug 12, 2021 11:14:47 GMT
> > Cheap and dirty way to do this is set up 2 or 3 address brackets on your router. I put all the kids' devices on 192.2.1.50>80 while the set top boxes were on 192.3.1.150>160 and my stuff was on 192.1.1.200>220, but then my router supported multi network and device assignment... I stopped splitting the network though once the kids figured out how to get around it all and started messing things up just to watch P0rn...
>
> This is interesting, how did you set your subnet mask for this? I ask, because you broke up a single IP range (1-254) and used it over several "networks" (192.1, 192.2, 192.3). Was your PC, 192.1.1.201, masked as 255.0.0.0 and the others masked more restrictively? Your numbering seems strange to me, and I ask not because I think it is wrong or strange. I ask because I am ignorant and trying to fix it.
>
> ALTBOULI - Netgear Nighthawk Wifi6 Mesh (2pack) is what I got for Wifi. About the price of a new gaming router, my wifi at home now has one SSID and devices that use wifi switch seamlessly when going outdoors or downstairs. Speed is mostly the same (I replaced an AC3200 router that was high quality) for the upstairs clients, vastly improved for the downstairs. Setting it up in AP mode without the Android app (GRRRRRRR) was a bit of a pain, but that was partially due to how pfSense assigns DHCP leases and my temporary ignorance on how to assign statics.

Left all as the same mask so they could share the printer. I used a billion router at the time and the thing let me set up multiple virtual networks; it was as simple as going into the network setup menu, creating a network name and then changing the address range, then adding each new network with a new address range.

The reason why I separated out the assignment ranges on each was purely to prevent cross talk, but I locked each device via mac id to a designated network, and then used hidden ssid on the wifi and separate passwords so that after manually setting up each device it had a pre-set network id and couldn't jump domains (well, they could once the kids figured out mac spoofing). And yeah, I had a set of websites the kids could use assigned to their network, and the settop boxes could only access specific web addresses... Worked really well for about a decade until I needed a new router, at which point I would have been forced to spend a lot of money on a new one with the same capabilities or just stop restricting everything (which is what I did since the kids were all over 18).

Of course if you don't want all that hassle you can also use windows domain controller and run everything via an old pc with a couple of extra lan controller cards, but then you might as well bung a bunch of hard drives in the thing and set it up as a network storage/domain controller and then you get a lot more controls, although the learning curve is pretty steep... I did that back when everything was running WIN XP but gave up after moving to win 7 broke everything.
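
The subnet-mask question from the two posts above, worked through as an added example (not code from either poster): it takes the three address pools quoted in the thread and shows which of them fall into the same IP network when every device uses one shared mask. The masks tried are assumptions, since the thread does not say which mask was used.

```python
import ipaddress

# DHCP pools as quoted in the thread: (first address, last address).
POOLS = {
    "kids": ("192.2.1.50", "192.2.1.80"),
    "set-top": ("192.3.1.150", "192.3.1.160"),
    "parent": ("192.1.1.200", "192.1.1.220"),
}

def longest_shared_prefix(pools):
    """Longest prefix length that still puts every pool address in one network."""
    ints = [int(ipaddress.IPv4Address(a)) for pair in pools.values() for a in pair]
    # Everything between min and max shares the leading bits min and max share.
    return 32 - (min(ints) ^ max(ints)).bit_length()

def segments(pools, prefix):
    """Group pools by the network each falls in when every host uses /prefix."""
    groups = {}
    for name, (first, last) in pools.items():
        net_first = ipaddress.ip_interface(f"{first}/{prefix}").network
        net_last = ipaddress.ip_interface(f"{last}/{prefix}").network
        if net_first != net_last:
            raise ValueError(f"pool {name} straddles two /{prefix} networks")
        groups.setdefault(str(net_first), []).append(name)
    return {net: sorted(names) for net, names in groups.items()}

def outside_private_space(pools):
    """Pools whose addresses are not in RFC 1918 or other reserved private ranges."""
    return sorted(name for name, (first, _) in pools.items()
                  if not ipaddress.ip_address(first).is_private)

if __name__ == "__main__":
    p = longest_shared_prefix(POOLS)
    mask = ipaddress.ip_network(f"0.0.0.0/{p}").netmask
    print(f"one shared network needs /{p} ({mask}) or shorter")
    for prefix in (8, p, 24):  # 255.0.0.0, the computed mask, 255.255.255.0
        print(f"/{prefix}:", segments(POOLS, prefix))
    print("not private address space:", outside_private_space(POOLS))
```

Pools that share one network reach each other directly without passing through the router, so rules on the router never see that traffic and the split exists only in which address DHCP hands out. Pools in separate networks on the same unmanaged switch still share one broadcast domain, which is why the VLAN-capable switches discussed earlier in the thread matter.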