LIGISTX

As stated by @dilpickle just use pihole for add blocking. Don't put your entire network behind a VPN unless you have a very compelling reason to do so.

If it’s working now, it’s all fine. CPU’s don’t really “only sorta work”. If it’s booting and passing stress tests, it’s totally fine.

This means the VPN isn’t working correctly, or routing isn’t set up quite right. You first need to be able to ping across the VPN, if you can’t do that, data transfer will never work. I have not used tailscale myself, but I do use WireGuard. In the WireGuard config on the client side, you need to tell it what subnets it can reach on the other end of the tunnel, I assume something similar is needed for tailscale since it’s built on WireGuard. I doubt kasperski is the issue, it’s likely just a routing issue.

You have multiple subnets? How is your network configured, are the other local PC’s that are able to access 10.0.0.8 also on the 10.0.0.1 subnet? You would want to ping 10.0.0.8 from the 192.168.1.13 remote system, while it’s connected to tailscale. We want to prove that routing through the VPN is in fact working.

I’m confused. What device is pinging what device, and what are the IP’s of the devices? The only IP you should protect is your public IP. The internal LAN IP numbers you can just share, that doesn’t really mean much and isn’t much of a security issue… if someone is inside your network, you have larger issues. If you want, just make up similar IP’s as to what the machines are using. We just need to speak more correctly then 10.0.0.X since we can’t really figure out what’s going on with that. What is your remote machines internal IP? What is the machine hosting the share’s IP? The remote machine should be able to ping the “server” (machine hosting the share), but not the other way around.

Then are you sure tailscale is working? Can you ping any device on the local LAN? Step 1 is confirm your VPN tunnel is actually passing traffic.

Use the IP of the machine sharing the \sys folder. Hostname should work assuming tailscale is using the same DNS as your internal devices, but to just remove that potential issue, use the IP of the machine sharing the folder. If the machine sharing \sys is 10.0.0.5, you’d use \\10.0.0.5\sys If that doesn’t work, I’d assume tailscale is not actually working correctly.

Tailscale is a VPN, it’s providing you a tunnel into your local network while being abroad. Once the VPN is connected, you treat everything as if you are on the local network. So if your local network uses the standard 192.168.1.1 IP scheme, you would use 192.168.1.x\yoursharename The IP tailscale provides doesn’t matter for this. If tailscale is properly working, and is actually making a connection, the remote machine can be treated as if it’s on the local network, and you would connect to the share just like you do with any other PC that is local, pretend tailscale doesn’t exist.

Is the remote PC actually remote, or is it currently on the same LAN? I ask because we need to know if tailscale is actually working… In the last picture it looks like you used the public IP of your office…. That isn’t how this works. You need to VPN in via tailscale, and then use the IP (or host name) of the machine sharing the data.

If your NAS can do iSCSI, that would work just like it being a local harddrive. But iSCSI shares can only be accessed by a single network connected device, so you would want to create a separate dataset or storage area on the NAS and share that specific area via iSCSI. Bandwidth is “enough”, but latency and IOPS through the Ethernet stack are not “amazing”. It would work, but expect games to load and operate as if they were on an old school PC with OG (and slower) harddrives. Depending on the game, may not be noticeable, or may be pretty annoying.

Yes, mesh WiFi typically works extremely well.

Sure. But… that shouldn’t be an issue for anything even remotely modern. But yes, this is a correct statement.

If you are remoted into the PC… you are using the PC remoted into. The machine you use to remote in from has 0 affect on anything being done on the remote side.

If this is in fact how you set it up, that’s likely incorrect, at least assuming your current gigabit LAN is on 192.168.1.1. You need to pick a private subnet that is different than the current subnet. Most consumer routers default to 192.168.1.1, thus my stating you may have done this wrong.

You use whatever you set up as the SMB share. You need to set up SMB shares on the new subnet on the Truenas side. My array in my signature will read at about 3.5-5gb/s, and write at about the same. If whatever I am trying to read is in ARC tho, well then it’s pulling it out of RAM and will do full 10gig.

pfsense doesn't do any weird filtering or blocking out of the box, it just works as a firewall and doesn't allow connects coming from external sources. I would probabaly watch this and walk through the setup along with the video, make sure you didn't do anything incorrect...

I probably wouldn’t multi nest truenas. You can… as long as you get the harddrive passthrough correct, but you really need to pass drives fully to truenas so ZFS can have block level access. You can always add more RAM via VMware later, and then subsequently add more RAM to the VM’s within proxmox. None of this is set in stone, all of these settings you can adjust on the fly. My best advice is give proxmox 4GB of RAM and probably 120GB of harddrive space which will be used for proxmox instal and to instal VM’s on, and just start playing around. To allow proxmox to use all the available space on its boot drive, do this: At 14:45, he shows how to dedicate all of your boot drive to be usable by VM’s. I have done this many times, works perfect.

You assign VM’s resources from the proxmox webUI. If you pass proxmox 4GB from VMware, you’d have about 3.8GB to distribute out to VM’s (I’d leave a few hundred MB unassigned, but VM’s also have RAM ballooning if enabled, which will shift RAM around if you run into resource constraints…) You have a lot of learning, and the best way is to just start. You will learn by doing it. What VM’s are you planning to run right away? You likely only need a few GB of RAM for them. I run Ubuntu server VM’s on 1GB of ram each, I have ran them on 700 GB each… your VM’s likely won’t need much.

I’d probably just nest for now. And RAM will totally depend on the OS’s and applications you are trying to run. To start, 4GB will be plenty.

The hypervisor you learn on almost doesn’t matter. Learning and understand how to architect virtual networking, storage, etc is what matters. The host OS can be somewhat easily changed and your knowledge will transfer. Sure, some of the details that are specific to hyper-V or proxmox are different, but if you understand what you are fundamentally doing, that’s a quick google search away. I learned homelab virtualization on ESXi, and when I switched to proxmox the learning curve was practically non-existent compared to learning ESXi originally. It’s like learning how to ride a bike, then switching to a motorcycle. The general idea is all the same, same balance is required (mostly) but the way in which you execute is a little different.

That PC is plenty enough for a homelab + your daily machine. Ny old homelab used to run on an i3 6100 and the CPU performance was never the issue, I just needed more RAM and PCIe. That i3 ran ESXi with the following VM’s: truenas windows LTSC home assistant 3x Ubuntu server, one of which was a Plex server, one of which held half a dozen docker containers Some other random light weight VM’s Your PC is plenty enough to start learning with.

FWIW, myself and some friends have had horrendous issues with sg1100’s. Avoid them like the plague. I have 1 for a family members house, 2 buddies have them for their houses, I have had one corrupt it’s EMMC randomly, then I had it corrupt again upon doing an update. A buddies arrived brand new with overheating issues and needed to RMA. My other friend has had his corrupt on him after doing an update twice. To netgates credit, taclane support is very responsive, but this amount failures are way beyond acceptable. I run pfsense in a vm on my homelab and have been for years, never once had a single issue. Those sg1100’s tho… stay away.

They isn’t how that works. Streaming performance will be limited by your internet speed, not your local network speed. Also, more WiFi devices will by definition just cause more WiFi interference, which hurts performance. Would it hurt performance in a meaningful way, almost certainly not, but it also won’t help anything.

When setting up pfsense, don’t use WiFi. Plug directly into it via an Ethernet cable from its LAN to your computer or laptop. Remove as many potential snags as possible.

VM's..? I cna't imagine a home user actually needing 5 machines and 6 seperate arrays. I would look into proxmox, and consolodate as much as you possible can onto a single host...