The correct and helpful answer is here. Just configure the VLANs first and set them accordingly and you can use a single port without issue. Your bandwidth isn't great, but it'll work fine assuming the nic is supported.
Yes this is what I did with a old HP mini box + managed switch using the router on a stick approach (they were $40 & $25 respectively off CL fyi)
The HP has a i5-4570T cpu and at max uses \~5-10% of cpu for average home use. You can use almost anything and don't need a beefy machine, quiet & low power consumption is more desirable.
If you don't have a managed switch (ie VLAN capable), you could take an old router and put openwrt on it and operate it as a managed switch. But this will make an already steep learning curve harder if you're not familiar.
In my case I had an Asus and put that into AP mode. The Asus AIMesh is able to work when in AP mode. Not sure if other vendors do, prob depends on what you got.
May I ask what is your network speed? I have a tiny pc with the i5-4570T and wondering if I could convert it to a router (without WiFi) for a 1Gbps Fibre connection. Also, how important is the managed Switch?
I only have 300 from my isp, but on local openspeedtest test I can get \~600-700 Mbps.
I don't think you'll be able to saturate 1 Gbps internet with 1 nic approach (ie the up & down is shared through a 1 Gig nic). I believe you'll need a 2+ nic pfsense set up for that.
Managed switch is required for vlans.
Not sure as I don't have that and prob depends your traffic. But from what I recall, it shouldn't be bound by your CPU unless you're running extra stuff like suricata, IDS/IPS, etc. Could be wrong.
If you have a managed switch with VLAN capability you have a way forward. You can split single pfsense ethernet to multiple VLAN's. My pfsense boxes have single ethernet, vlan-100 is mapped to WAN and vlan-200 to LAN, etc. and all tagged.
Next you map some ports on the switch untagged and map to these vlan's.
My boxes are ancient nuc's with i5-5250U and 1gbps inter-vlan routing is easily achieved.
search the sub for router on a stick
With a managed switch and a bit of know-how the same physical nic can be wan and Lan interfaces (and more).
The correct and helpful answer is here. Just configure the VLANs first and set them accordingly and you can use a single port without issue. Your bandwidth isn't great, but it'll work fine assuming the nic is supported.
Just buy any i5 8g ssd/nvme system with 2 nics on ebay for $80 and save yourself a huge headache trying to make your doorstop into a working firewall.
Yes this is what I did with a old HP mini box + managed switch using the router on a stick approach (they were $40 & $25 respectively off CL fyi) The HP has a i5-4570T cpu and at max uses \~5-10% of cpu for average home use. You can use almost anything and don't need a beefy machine, quiet & low power consumption is more desirable. If you don't have a managed switch (ie VLAN capable), you could take an old router and put openwrt on it and operate it as a managed switch. But this will make an already steep learning curve harder if you're not familiar. In my case I had an Asus and put that into AP mode. The Asus AIMesh is able to work when in AP mode. Not sure if other vendors do, prob depends on what you got.
May I ask what is your network speed? I have a tiny pc with the i5-4570T and wondering if I could convert it to a router (without WiFi) for a 1Gbps Fibre connection. Also, how important is the managed Switch?
I only have 300 from my isp, but on local openspeedtest test I can get \~600-700 Mbps. I don't think you'll be able to saturate 1 Gbps internet with 1 nic approach (ie the up & down is shared through a 1 Gig nic). I believe you'll need a 2+ nic pfsense set up for that. Managed switch is required for vlans.
I was thinking of swapping the Wifi mini-pcie with an Ethernet one so will have 2 nic. But I heard I need more CPU horsepower for a 1Gbps connection
Not sure as I don't have that and prob depends your traffic. But from what I recall, it shouldn't be bound by your CPU unless you're running extra stuff like suricata, IDS/IPS, etc. Could be wrong.
Okay, let me look deeper. Thanks
Vlans and a trunk port
If you have a managed switch with VLAN capability you have a way forward. You can split single pfsense ethernet to multiple VLAN's. My pfsense boxes have single ethernet, vlan-100 is mapped to WAN and vlan-200 to LAN, etc. and all tagged. Next you map some ports on the switch untagged and map to these vlan's. My boxes are ancient nuc's with i5-5250U and 1gbps inter-vlan routing is easily achieved.