<p dir="ltr">pfsense yo</p>
<p dir="ltr">Sent from my mobile. Please excuse the brevity, spelling, and punctuation. </p>
<div class="gmail_quote">On May 22, 2016 6:48 PM, "James Taylor" <<a href="mailto:james.taylor@eastcobbgroup.com">james.taylor@eastcobbgroup.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">If you are not completely set up open source, the Sophos home license would cover that for free.<br>
Download the vm and boot into configuration.<br>
Very nice web interface with anything you would need to do for you network, including vlans and QoS and VPN.<br>
<br>
<a href="https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx" rel="noreferrer" target="_blank">https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx</a><br>
<br>
-jt<br>
<br>
> On May 22, 2016, at 6:29 PM, Chris Fowler <<a href="mailto:cfowler@outpostsentinel.com">cfowler@outpostsentinel.com</a>> wrote:<br>
><br>
> Wife ordered Xfinity business at 50/10. This is given me an opportunity to rebuild my network. I have daughters 13 and 11. Every one, but me, complains about "streaming movies". They are also out in a week and for my SSH sanity I need to lock everyone down.<br>
><br>
> Here are my thoughts.<br>
><br>
> 1. DHCP provides address by MAC not much in a pool.<br>
><br>
> 2. <a href="http://192.168.1.0/24" rel="noreferrer" target="_blank">192.168.1.0/24</a> is subdivided into subnets.<br>
> 2.1. "Enterprise". Servers, my desktop, services, etc.<br>
> 2.2. Entertainment. XboxOne, WiiU, etc.<br>
> 2.3. Each daughter gets their own cut of the <a href="http://192.168.1.0/24" rel="noreferrer" target="_blank">192.168.1.0/24</a>.<br>
><br>
> 3. SSH needs TOP BILLING. I type fast. Followed by OpenVPN and Vtun. All that will happen within 2.1, but SSH needs to defeat all Netflix<br>
><br>
> I've just received a Ubiquiti AP. This Is just an AP. It will be the only AP. I'll use my own cable modem and then Linux will route between the private and the public.<br>
><br>
> Purpose of 2.3. is so that when punishment occurs we'll simply degrade service (I'm evil) or block their sub. I'll have a web page the wife can log into to dish it out.<br>
><br>
> I'm going to install squid to proxy for 2.3 and take the SSL as well.<br>
><br>
> When they are out of school my SSH sessions go downhill fast.<br>
><br>
> I can do much of this, but I don't have much experience with the complex QoS rules. Should I start with a CentOS 7 install or a firewall distro?<br>
><br>
> Chris<br>
><br>
><br>
><br>
><br>
><br>
> _______________________________________________<br>
> Ale mailing list<br>
> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
> <a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
> <a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br>
<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div>