I am moving to a new house soon and planning my new home network. I will be getting FTTH hence the CPE and ONT. Does anyone see any issues with this setup?
Fibre enters the home and is hooked into the CPE (Customer Premise Equipment) that demultiplexes the signal for the cable tv and internet. The fibre is then continued to the ONT (Optical Network Terminal) and converted into Ethernet Cat6 and passed along to the Internet Router. A branch of coax also leaves the CPE and hooks into the cable boxes at the TVs. Internet speed initially will be 25Mbps/2.5Mbps, possibly 50Mbps/3Mbps if I feel like it.
The Internet Router will supply WiFi to any guests wanting internet while visiting and act as the switch to connect the external server that is outside the private LAN. This is also to airgap downloads and scan prior to transfer to the private LAN.
For the Firewall, I'm looking at either pfSense or Sophos, leaning towards pfSense.
After the Firewall you hit the main private LAN router in the garage that will house the server rack. This will hold the Media Server running FreeNAS and a radio server that monitors the radio scanners and sends the feed to the desktop upstairs.
Because I have to go up two stories and I don't believe the house was wired with Cat5e or Cat6 cable, I was thinking of running a gigabit connection through coax using one of these. http://ca.startech.com/Networking-IO/Media-Converters/Ethernet-Extenders/Gigabit-Ethernet-over-Coaxial-Unmanaged-Network-Extender-Kit-2km~EOC1110K
Once I move in, I'll be able to see if the phone lines were wired with Cat3 or Cat5/6 cable. If in fact it is wired with Cat5 then I'll just run that upstairs to the WAP in the office.
I plan on building a reasonably powerful server to run FreeNAS to give it plenty of CPU power for buffering the transcoding.
I intend to have both private wireless access points 802.11n standard. Both WAPs will be configured with the same SSID to allow for roaming of the iPhone, iPad and Laptop. Garage Router will be the DHCP server. Home Office Router is simply a switch/WAP. WAPs will not be broadcasting SSIDs
Any recommendations on the Firewall? pfSense vs Sophos
Will this setup make my LAN relatively secure?
The Ethernet over Coax bridge, Is Gigabit excessive or recommended as a bridge between the two ends of the network?
Will I run into any major bandwidth blocks with regards to media streaming due to having to have the living room on WiFi?
I was thinking about also making the firewall computer a router, putting the torrent server behind it and using it to replace the internet router. Using pfSense to isolate Guest/Public/Private and using traffic shaping to prioritize the private subnet use of the internet over the Guest and Public subnets. Any opinions, recommendations?