Jump to content

I'm a total nub

Millbj92
By Millbj92
in Servers, NAS, and Home Lab
 Share
Posted

I'm a total nub, and honestly just need to know if I am doing everything the right way. 

 

So I called my ISP and get a /16 block with 13 usable IPs. (Im planning on running a few things as well as k8s). So I have my 13 ips, hook up a pi to test and everything worked. Then I thought wait everything in my home is on the internet 

 

I want ahead and got a Asus GT-AX-11000 and set my main gateway that has internet access to passthrough mode. My Asus router now has an outbound connection but will not receive inbound from the internet. My modem with the 13 addresses will accept both in and outbound, which is what I wanted I think. If I want something on the internet I plug it into my gateway, if not it goes to my Asus. 

 

This seems to be working as they are both on completely different subnets, but I just want to be sure? I know if someone was savvy/wanted enough they could get into my home network. Any harden in ng techniques? Am I doing it right? Etc.

 

This is my very first time ever even running over a private IP, let alone trying to separate one network from another.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
6 minutes ago, Millbj92 said:

I'm a total nub, and honestly just need to know if I am doing everything the right way. 

 

So I called my ISP and get a /16 block with 13 usable IPs. (Im planning on running a few things as well as k8s). So I have my 13 ips, hook up a pi to test and everything worked. Then I thought wait everything in my home is on the internet 

 

I want ahead and got a Asus GT-AX-11000 and set my main gateway that has internet access to passthrough mode. My Asus router now has an outbound connection but will not receive inbound from the internet. My modem with the 13 addresses will accept both in and outbound, which is what I wanted I think. If I want something on the internet I plug it into my gateway, if not it goes to my Asus. 

 

This seems to be working as they are both on completely different subnets, but I just want to be sure? I know if someone was savvy/wanted enough they could get into my home network. Any harden in ng techniques? Am I doing it right? Etc.

 

This is my very first time ever even running over a private IP, let alone trying to separate one network from another.

Ext: I also have two Nas. A ds420+ I ended up having to solder a resistor to... Much fun... Then I got the DS1520+ and couldn't be happier with that one. Not sure if there's a way to combine them into one "mega Nas" but that would be cool too, although one is running dsm6 and the other 7 so I don't think they'll allow it even if it's possible.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 hours ago, Millbj92 said:

I'm a total nub, and honestly just need to know if I am doing everything the right way. 

 

So I called my ISP and get a /16 block with 13 usable IPs. (Im planning on running a few things as well as k8s). So I have my 13 ips, hook up a pi to test and everything worked. Then I thought wait everything in my home is on the internet 

 

I want ahead and got a Asus GT-AX-11000 and set my main gateway that has internet access to passthrough mode. My Asus router now has an outbound connection but will not receive inbound from the internet. My modem with the 13 addresses will accept both in and outbound, which is what I wanted I think. If I want something on the internet I plug it into my gateway, if not it goes to my Asus. 

 

This seems to be working as they are both on completely different subnets, but I just want to be sure? I know if someone was savvy/wanted enough they could get into my home network. Any harden in ng techniques? Am I doing it right? Etc.

 

This is my very first time ever even running over a private IP, let alone trying to separate one network from another.

Hi, to get more hardening, try to use a firewall like PFsense or sophos xg. Not sure why you should have 13 addresses, I only have one and I'm running 10+ services behind that one ip by using HAproxy. 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Servers, NAS, and Home Lab

×