Home Network Setup with pfSense for home automation

Gambrinus

Member
Jan 18, 2018
1
0
6
43
Hi,

I am not sure how to setup home networking as there are many involved parts (Modem, Router, VM, WLAN, LAN) and I can't get it to work. First, let me explain my prior setup:

I get Internet through a 4G modem (Huawei) with IP range 192.168.1.x, where I have disabled Wifi. To this modem, a DD-WRT flashed Asus Archer C7 router is connected (WAN Router -> LAN Modem). Here, I created one main WLAN (192.168.3.x) and one VLAN (192.168.4.x) for home automation (HA) devices. The Proxmox PC is connected by two LAN cables to the DD-WRT router. I have a RaspPi2 running with piHole connected to the router as well.

The following graphic should be what my actual setup is like:

network_old.png

My future setup should be like the second image, to fulfill my requirements:

1) I want the HA devices to have no Internet connection, *except* for the main hub (Home Assistant device) to install updates and plugins, provide remote access etc. I want to have access to the main hub from my main network (from mobile phones etc.).
2) I want to virtualize the Home Assistant device within Proxmox.
3) I want to replace the piHole device with a virtualized pfSense VM within Proxmox.
4) I want to further subdivide my network, e.g. for mobile devices, TVs, ... to setup rules/filters for each of them. [optional for now]

network_new.png

So far I struggle with passing the two networks (192.168.3.x, 192.168.4.x) to proxmox such that I can assign most VMs/LXCs to selected networks. I read about ant tried bridging (Proxmox), VLAN tagging and trunk configurations (DD-WRT) etc. but with the planned pfSense I'm not so sure if I should just leave all of this configuration to pfSense and take it out of DD-WRT. So I'm unsuccessful until now. I also need some bridging on the router from Wifi to LAN.

My main question is where to do what to achieve the requirements as listed above. Maybe you can tell me the proper way to do this step by step so I can verify one step after the other.

Side-question: If everything network related runs in the Proxmox machine, would it make sense to setup some IPMI watchdog on the DD-WRT that reboots the server if it is not reachable (=down)? I'm not planning on heavy automations but I guess it's still problematic when the server or VM goes down unexpected and there is no redundancy for that.

Side-note: Due to space problems, I will have to put the Proxmox machine in the basement, so the Bandwith will be limited. I assume for pfSense this should not be a great problem and for nextcloud and stuff I don't care if it is a little slower in syncing.

Thx for your help!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!