Network Segmentation with pfSense
Network Segmentation
In this project, I am working on securing and segmenting my LAN into five different networks. Below is a short description of each network and its intended use.
- LAN
  - This network will be used by my trusted devices and will be prioritized over the other networks.
  - Clients on this network can initiate connections to devices on the Servers network.
- Servers
  - This network will be for server-to-server communication, and is the only network that will be allowed to host services to the internet.
- Guests
  - This is a strict network that only allows clients to use the internet.
  - No network traffic between clients is allowed.
- Pentest
  - This network has no internet access and is where I intend to host vulnerable virtual machines for use in penetration testing exercises.
- Blackhole
  - This network will not route any traffic and exists as a network for me to test untrusted devices or software.
  - Additionally, this will be the network assigned to any ports that are not currently in use on my physical networking equipment.
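
One way to check a ruleset against the intent listed above, as an added example that is not the author's pfSense configuration. It models rules as first-match per ingress interface with a default deny; the subnets, the `GOOD`/`BAD` rulesets and the Servers outbound rule are assumptions, since the page gives no addressing or rules.

```python
import ipaddress

# Constructed addressing: the page names the five networks but gives no subnets.
NETS = {name: ipaddress.ip_network(cidr) for name, cidr in {
    "LAN": "10.0.10.0/24", "SERVERS": "10.0.20.0/24", "GUESTS": "10.0.30.0/24",
    "PENTEST": "10.0.40.0/24", "BLACKHOLE": "10.0.50.0/24"}.items()}
PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
INTERNET = "203.0.113.10"  # documentation address standing in for an internet host

# Hypothetical rulesets: per ingress interface, ordered (action, destination).
GOOD = {
    "LAN": [("pass", "SERVERS"), ("block", "PRIVATE"), ("pass", "ANY")],
    "SERVERS": [("block", "PRIVATE"), ("pass", "ANY")],  # outbound is an assumption
    "GUESTS": [("block", "PRIVATE"), ("pass", "ANY")],
    "PENTEST": [],    # no rules: everything falls through to the default deny
    "BLACKHOLE": [],
}
# Same rules, but the guest pass rule was placed above the block rule.
BAD = dict(GOOD, GUESTS=[("pass", "ANY"), ("block", "PRIVATE")])

# Intent taken from the network descriptions: (source, destination IP, expected).
INTENT = [
    ("LAN", "10.0.20.5", "pass"),        # LAN may initiate to Servers
    ("GUESTS", INTERNET, "pass"),        # Guests get internet ...
    ("GUESTS", "10.0.10.5", "block"),    # ... and nothing internal
    ("GUESTS", "10.0.20.5", "block"),
    ("PENTEST", INTERNET, "block"),      # Pentest has no internet access
    ("BLACKHOLE", INTERNET, "block"),    # Blackhole routes nothing
    ("BLACKHOLE", "10.0.10.5", "block"),
]

def decide(rules, src_net, dst):
    """First matching rule on the ingress interface wins; no match means block."""
    ip = ipaddress.ip_address(dst)
    for action, spec in rules.get(src_net, []):
        if spec == "ANY" or (spec == "PRIVATE" and any(ip in n for n in PRIVATE)) \
                or (spec in NETS and ip in NETS[spec]):
            return action
    return "block"

def audit(rules):
    """Return every intended flow whose verdict differs from the ruleset's."""
    return [(s, d, want) for s, d, want in INTENT if decide(rules, s, d) != want]

if __name__ == "__main__":
    print("good:", audit(GOOD))
    print("bad: ", audit(BAD))
```

The check only covers traffic that crosses the firewall. Traffic between two clients on the same subnet, such as the Guests client-to-client restriction, never reaches the router and has to be enforced on the switch or access point.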