Dual ethernet ports management (WAN-LAN)

[Paier]

Hi, I'm building my first TrueNAS Scale mini-server for my home. It has an Intel Atom 4 core processor, 4TB of SSD storage, 16GB of DDR4 ram, and two 2.5Gbps Ethernet ports. I'm going to use it as a "local public file server" (meaning RW for everyone on the SMB shares, it won't contain important or sensible data), and I would like to run PiHole, and LAN Cache on it. All these services should be accessible only from one of the ethernet ports, which I think shouldn't be hard to do.

The thing I don't know about is if it's possible to also run OPNsense on it, and dedicate the other ethernet port only to it, effectively making it a ""WAN"" port. This means blocking access to the SMB shares, the TrueNAS webUI, and the other services on that ethernet port.

Would this be possible?

Thanks!

 

[ChrisRJ]

This should probably go the TrueNAS Scale forum ...

For security reasons I would not recommend such a setup. Two main aspects in my view:

• Depending on the details of the virtualization, the level of isolation may be less than you think
• More importantly, it is relatively easy to accidentally open holes in the configuration with the various levels of networking.

Lastly, you would need to think how to ensure that your network still works (somewhat), if there is a problem with your TrueNAS Scale system.