BeachBum
Regular Contributor
I have 3 physically separate network segments on my network, 2 of which are LAN (OPT1, 192.168.1.1/24) and CAMNET (OPT3, 192.168.3.1/24). The CAMNET is a camera surveillance system that has no access to any other segment nor the outside world. All the cameras are directly connected to the NVR which is connected to OPT3 on pfsense. OPT1 LAN has no access to OPT3 CAMNET.
Recently we did some renovation and one of the cameras connected to the nvr had to be moved to the main LAN switch and become part of the LAN to allow some machines to have internet access. I have placed a small managed Mikrotik switch on this port. I need to still use this camera however, so it will need to be plugged in to this switch (only way it can be connected at all).
So, question is how do I setup the rules to maintain the isolation of the camera and also get it on the CAMNET network so it can connect to the dvr on that segment?
Guessing I need a new VLAN for this particular port? If so, how do I handle this on the main switch & pfsense?
Network before renovation:
What I think I need to do:
Recently we did some renovation and one of the cameras connected to the nvr had to be moved to the main LAN switch and become part of the LAN to allow some machines to have internet access. I have placed a small managed Mikrotik switch on this port. I need to still use this camera however, so it will need to be plugged in to this switch (only way it can be connected at all).
So, question is how do I setup the rules to maintain the isolation of the camera and also get it on the CAMNET network so it can connect to the dvr on that segment?
Guessing I need a new VLAN for this particular port? If so, how do I handle this on the main switch & pfsense?
Network before renovation:
What I think I need to do:
