robertfontaine
New Around Here
I'm currently using pfsense as my firewall/router and thinking about setting up the DMZ.
If I understand correctly I can establish my DMZ as a VLAN using a single instance of pfsense OR I can have two instances of pfsense and firewall the internal network and the external network discretely.
In theory it seems to me that this works out to the same things but it also seems to me that in practice, theory and practice are not so...
What is current best/reasonable practice? Do you use 2 discrete firewalls or leverage the 1? or do you lose your mind entirely and put a router in front of every vlan that you have?
My own use case is SOHO/Lab and my data isn't terribly sensitive or private. This is mostly a question of what is considered good practice and why. I'm currently just enjoying learning the the tools and building out a network.
Thanks,
Robert
If I understand correctly I can establish my DMZ as a VLAN using a single instance of pfsense OR I can have two instances of pfsense and firewall the internal network and the external network discretely.
In theory it seems to me that this works out to the same things but it also seems to me that in practice, theory and practice are not so...
What is current best/reasonable practice? Do you use 2 discrete firewalls or leverage the 1? or do you lose your mind entirely and put a router in front of every vlan that you have?
My own use case is SOHO/Lab and my data isn't terribly sensitive or private. This is mostly a question of what is considered good practice and why. I'm currently just enjoying learning the the tools and building out a network.
Thanks,
Robert