Saturday, August 1, 2020

Help Me Wrap My Brain Around a Home Lab Plan

Hey everyone, I posted something similar over in /r/homelab, but I think the networking part is the bigger part that's throwing my brain for a loop, and it's definitely where I'm weakest.

I could hopefully sort out the VM side.

Anyhow, here's the plan. I've been doing System Administration and Helpdesk work for about 7 years now. I'm looking to move into something I find more interesting, which is Security.

Anyhow, I've got a homelab right now that is comprised of my R710 Server. I've got a Netgear 6400 router that is just switched to AP mode, as I went ahead and virtualized my router with a pfSense VM just for fun.

But here's my new plan, and where I'm running into the mental roadblock, and the networking side quickly gets over my head.

My plan is to make a segregated pen testing lab just for fun, and to hopefully move into that area after going through Security+ and likely Networking+ to bump the understanding level up.

I ordered a Cisco Small Business switch because the old Cisco one I've had that I grabbed off of eBay isn't fast enough for the internet I actually pay for, and likewise, I went ahead and grabbed a new Ubiquiti AP to use as well for better coverage and speed in the house. That got me thinking about sectioning off a network portion as a relatively open Pen Testing lab. I would be behind the Netgear router, and would allow me to leave the wifi/router portion as open as desired to test things, which could lead to a handful of VMs placed on that network as well, segregated in their own VNIC network.

Here's an illustration, and here's what I was curious about. Would I be able to take the line from the Modem, and go to port 1 on the switch (red cable), then plug the Netgear router (orange cable) into Port 2 for the WAN access, while having my pfSense router (blue cable) on the server connect to the switch on Port 5 for its WAN access?

I was thinking it might be achievable if I used VLANs for the ports that I wanted for my internal "safe" network, and then used a separate port for the pen test network.

I guess what keeps tripping my brain up is having technically two routers, but one entry/exit from the network. I think I might be overthinking things, but I figured if there's any group of people who could look at this and make sense of it without breaking a sweat, it's the group here. I'm giving myself brain cramps.

Thanks, everyone!


