pfSense router with one ethernet port on Intel NUC

For general web development questions that are not specifically related to CSS HTML Validator. This includes (but is not limited to) general HTML, CSS, Accessibility, JavaScript, and SEO questions.
Post Reply
User avatar
Albert Wiersch
Site Admin
Site Admin
Posts: 3649
Joined: Sat Dec 11, 2004 9:23 am
Location: Near Dallas, TX
Contact:

pfSense router with one ethernet port on Intel NUC

Post by Albert Wiersch »

While not directly related to CSS HTML Validator, I thought I'd post some information on using a pfSense router that has only 1 Ethernet port because this is what I've been doing for well over a year now and it has been extremely stable.

I use an Intel NUC NUC5i5RYH with Intel Core i5=5250U CPU. It only has one gigabit Ethernet port but this is perfectly fine for my 500/500 fiber Internet connection and doesn't hold me back. Note that if you have a faster Internet connection then it's possible that the one Ethernet port could become a choke point, but keep in mind the Ethernet port is capable of 1 Gbps simultaneously in each direction.

To do this you use VLAN (virtual LANs). You can set up VLANs in "Interfaces / Interface Assignments" in pfSense. I have several including 2 VLANs (VLAN 2 and VLAN 3) that I use for WANs (since I have a backup WAN connection via VLAN 3) and then 3 more VLANs (VLAN 4, VLAN 5, VLAN 6) for LANs (because I separate my devices into different LANs for security reasons). For example, one of my LANs (VLAN 6) is for my 'business' machines and another (VLAN 4) is for all my smart devices that just need Internet access and don't need to talk other devices on my network, especially the ones on my 'business' LAN. My 3rd LAN (VLAN 5) is a spare one for possible future use.

Another key piece of this setup is a smart managed switch. I use a TP-Link TL-SG116E with 16 ports. The Intel NUC router connects to port 16 and then I've configured the TP-Link switch to segment the other 15 ports into various VLANs. For example, port 1 is the main WAN port that provides my 500/500 Internet connection and port 2 is the backup WAN port that goes to a backup WAN connection that is used if the first WAN connections is detected as down. The other ports are divided into the 3 LANs I use and devices on each LAN should not be able to directly talk to each other without going through the router. See below for some screenshots from my TP-Link smart switch VLAN configuration.





I'll add/improve this post if I get questions but for now I'm just giving some basics to help get people started.
Post Reply