Sanity Check on a 3 Stage Home network

hamit_motorhead

Honorable
Nov 12, 2013
8
0
10,510
First, I am not an IT expert nor a computer expert; I received my degree in Computer Science/Networking from Google, so please work with me.

I am looking to have three (sub??)networks in my home.

  • First one is the basic WiFi Internet for tablets, iPod, laptops.
  • Second one is home automation: control lights, coffee pot, dog door, deadbolt and probably a ceiling fan or something. Also I would like the IP cameras integrated on this one.
  • Third one will be a media server with a client at each of three TVs, as well as accessible by any client on the first network.

So the way I see it is I am going to have an old PC configured as the firewall in between the Modem and the first switch (switch may be integrated into the PC, I don't know yet).

After the PC there will be a switch going to three routers (or , one for each of the above networks.

The goal here is to be able to VPN into all three networks but not access all of them over the same VPN. Also I would like to be able to VNC into any of the clients (IP Camera Client, Automation client, firewall PC etc etc) once the VPN is established.

This is my understanding of it.

The first PC connected to the modem could act as the VPN Server, Firewall and Router simultaneously as long as the network card has both a LAN and WAN port.

Could I substitute the first PC for a Router with Firewall and just run the other networks as subnets off their own routers? I just assume since I will be running essentially three VPN servers, and then a media server, it would be easiest to just configure the first computer with an integrated router card rather than an external router?
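The access goals in the post above, written out as a default-deny forwarding policy for the firewall PC. This is an added example, not part of the original thread. It assumes a Linux firewall using nftables with one interface (or VLAN) per network and one tunnel interface per VPN server instance; every interface name and subnet below is a made-up placeholder.

```nft
#!/usr/sbin/nft -f
# Added example: all interface names and subnets are assumptions.
flush ruleset

define WAN_IF   = "eth0"   # to the modem
define WIFI_IF  = "eth1"   # network 1: tablets, laptops
define AUTO_IF  = "eth2"   # network 2: home automation + IP cameras
define MEDIA_IF = "eth3"   # network 3: media server + TV clients

define VPN_WIFI_IF  = "tun0"   # one VPN server instance per network
define VPN_AUTO_IF  = "tun1"
define VPN_MEDIA_IF = "tun2"

define WIFI_NET  = 192.168.10.0/24
define MEDIA_NET = 192.168.30.0/24

table inet fw {
    chain forward {
        # Anything not explicitly allowed between networks is dropped.
        type filter hook forward priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop

        # Every internal network may reach the internet.
        iifname { $WIFI_IF, $AUTO_IF, $MEDIA_IF } oifname $WAN_IF accept

        # WiFi clients may reach the media network; no rule lets WiFi
        # or media traffic into the automation/camera network.
        iifname $WIFI_IF oifname $MEDIA_IF ip saddr $WIFI_NET ip daddr $MEDIA_NET accept

        # Each VPN reaches only its own network, never the other two.
        iifname $VPN_WIFI_IF  oifname $WIFI_IF  accept
        iifname $VPN_AUTO_IF  oifname $AUTO_IF  accept
        iifname $VPN_MEDIA_IF oifname $MEDIA_IF accept
    }
}

table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100;
        oifname $WAN_IF masquerade
    }
}
```

If the three routers do their own NAT, the firewall only sees each router's outside address, so the source-subnet match on the WiFi rule has to be adjusted or the routers run as plain access points.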
 

hamit_motorhead



A router, port forwarding and dynamic DNS I thought were the prereqs to running a VPN server on a computer?

Also for keeping them separate, you're correct. I do not need to keep them separate, but I would like to keep the Home Automation/Security one separate for obvious reasons, especially if it's "behind" the other networks, it lowers probability of being hacked. Also having the media server on its own network prevents overloading the WiFi network (watching two different movies off the media server, while streaming a Netflix video over WiFi). To be brutally honest it's more of a learning experience and definitely not a NEED. I don't need to be able to turn on my ceiling fan from a computer or control the air dampeners in the HVAC system, nor do I really need streaming HTPC at three TVs; it's more for fun and development, i.e. an apartment complex with an internal internet connection, security camera system accessible by all the residents as clients, and media shared drive. An office building with individual offices for small businesses; security system, internet server to allow for local storage in each office for use in a conference room, and then the HVAC remote network.
 

hamit_motorhead

Btw, I have a Dell Laptop that came with Vista in 2007/2008, two older Pentium 4 desktop machines, a Raspberry Pi (to learn/play with ARM), two NetGear Gigabit switches (6 port?? and a 12 port??), and three routers lying around that are not of any particular use, and I want to tinker with networking and home automation. The switches and routers came from a building I was working in a few years ago that was being renovated; the previous tenants rented a dumpster and threw out a bunch of crap, including a CF-30 Toughbook (back when they were cool), so I salvaged what I could.
 

hamit_motorhead

For getting just the network setup? Eh, I figure I would spend <1000$ over the next year or so into it. I'm not looking to make any major hardware purchases, I'd rather stick with the routers I have: WRT54GL V1.1 and 2 of the Linksys Gateway routers (tenant left one when they moved out and I had one while I was away from home). I figure I'm not going to get the fastest bandwidth out of them, but I can use one of the PCs as the first firewall setup, the switch, then the three routers, use the second PC as the NAS server with 2x4TB externals (or a Raspberry Pi if I can access it by VPN on the firewall machine). The second PC or Dell laptop would be used to host the Automation/IP camera deal. I don't think I would need any more equipment than that, maybe another router if I wanted AC WiFi on the wireless. The cameras/home automation is really what's going to eat up the funds.
 

sg4rb0

Honorable
Dec 4, 2012
214
0
10,760
I'd buy a Cisco 887VA, and google for the 887VA-SEC-K9 IOS.

You can do everything on it, the box will cost around $400 and you will have to learn the command line. You can set up a Cisco Client VPN on your laptop and dial into your home network. That's the approach I'd take, but I'm very experienced in Cisco.

Alternatively you could use a PC as a VPN server and either RDP to it, or use a PPTP tunnel from your laptop (here is a link about PPTP: http://technet.microsoft.com/en-us/library/cc757206(v=ws.10).aspx).
 

hamit_motorhead

I'm not totally against that. I had already scouted another router and was looking at the RV series, specifically the RV220 because it has IPsec for VPN. Once again, IPsec is a little bit more commercial/corporate network related, so it would help me out for my certs. The main reason I want to stick with what I have (minus picking up a Foxconn box or something similar) is to keep funding to a minimum while working with open source.