Home office network - planning. Please critique and help refine it

[jilebi]

I am just beginning to plan a home office network. I have understood some concepts, but have also have manged to tie myself in knots. With some help from the experts here I am hoping to refine my network plan and implement it. Thanks you for all your help in advance.

First here is some basic information about this project:

• Internet provider - Verizon FiOS (Fiber) 75/75 (can increase this as needed
• Need the Verizon router for TV program guide, etc. -- Cannot rid this completely.
• The home has 3 levels - basement, floor 1 and floor 2. There are 2 cat5e cables running between the basement and floor 1 (not terminated, yet)
• Currently I am building a server / nas (based on Supermicro C2750 board) for home and office 2 use. I am planning on locating this on Floor 1.
• Office 1 will get its own server in the near future

Existing setup:

• No vlans' etc. Most of the devices are connected on wireless to the Verizon router
• No servers, nas, etc.
• VoIP - a tangle of wires to say the least. Office 1 has 4 (adapters and) cordless phones; and the home has 1 (adapter and) cordless phone all of them are connected to the Verizon router. It is a mass of wires and cables between the router, surge protector...etc.
• All the equipment is in the basement.
• Lot of wifi dead zones on Floor 1; limited wifi on Floor 2

Proposed setup:

• Goals: Separate home, guest, voip and (two) office (office 1 and office 2) networks
• Goals: Share common resources such as printer between the home and office network
• Plan (please see the attachment):
  • A capable router (suggestions??). Would like to have VPN capable router. I have looked at Unifi Security Gateway, EdgeRouter? Other? --> Really unsure about this choice.
  • Basement: 1 managed switch in the basement for Office 1 and office 1 voip; 1 AP for wireless. VLANs: internet, Voice, Office 1 and Shared Resource.
  • Basement: consolidate the 4 individual VoiP boxes with a 8 line cordless offering from Panasonic (TGP 600)
  • Floor 1: 1 managed switch for home and office 2 and home phone; 1 AP for wireless. VLANs: internet, Voice
  • Floor 1: Turn off Verizon wireless; Move to floor 1 (alternatively, keep it in existing basement location -- rca cable is already hooked up to set top box and works).
  • Router --trunk--> Basement switch --trunk--> AP || Basement switch --trunk--> Floor 1 switch --> AP
  • VLANs: voice, internet only (guest), office 1, office 2, home, network management

Questions:

• Does this setup seem reasonable, overkill, insufficient, etc.?
• I have a chromecast that we use to control using mobile phones, if the mobile are on say the "home" vlan and chromecast is on "internet only" vlan, can we still control the chromecast from the mobile? Similar question about sharing media files on the office 2 fileserver. Alternatives?
• Equipment suggestions:
  • router: ? UniFi Security Gateway? Others?
  • switches: ?
  • AP: UniFi AP AC Lite?
  • Other items?

CV

 

[thiggins]

Don't cascade the switches if you can help it. Run two CAT5e lines from each floor to a switch or Gigabit LAN ports on your router. The extra run is insurance in case a cable gets cut or you need more bandwidth via link aggregation.

 

[coxhaus]

The way I would share devices across VLANs is to use ACL, access control lists, and assign all VLANs an IP network address. I would set a reservation IP address to the device I was going to share so it will receive the same IP address every time so you don't have to change your ACL because your sharing device received a different IP address. So you will need a router or layer 3 switch which will support ACL, access control lists.

 

[theonlyski]

First here is some basic information about this project:
Internet provider - Verizon FiOS (Fiber) 75/75 (can increase this as needed

Good choice. I have had FiOS for a couple of years and it's been mostly rock solid, way better than cable internet.

Need the Verizon router for TV program guide, etc. -- Cannot rid this completely.

I know this pain well.

Goals: Separate home, guest, voip and (two) office (office 1 and office 2) networks
Goals: Share common resources such as printer between the home and office network

This shouldn't be too complicated to do.

A capable router (suggestions??). Would like to have VPN capable router. I have looked at Unifi Security Gateway, EdgeRouter? Other? --> Really unsure about this choice.

This is where it gets tricky, if you want to continue to use the FiOS router, you will need an intermediate router to sort of trick the FiOS router into thinking it's directly plugged into the internet, when realistically it's not. You don't mention the remote DVR connection or the on screen caller ID, but those further complicate the setup (this is how I have my home set up)

Just curious, before I get too into this, how many devices are you expecting to have connected at a given time, do you have any spare PCs laying around with a couple of NICs that you can throw into it, what is your budget?

I have done something somewhat similar in my house and it works quite well, but it was a pain to set up (mostly due to not finding any good resources for what to do/how to make it all work). What you're talking about doing is achievable, but it will take some work and possibly some care and feeding. I recently lost my TV guide and found out that the FiOS router was just hung up but due to the complicated network, it wasn't that easy to find, a simple reboot cleared it up for me, once I identified what to reboot that is.

 

[Cloud200]

For VZ Fios netoworking altered beyond the default config I STRONGLY recommend reading the following:
http://www.dslreports.com/faq/16077

I am using the 9th option with my own router using an ethernet handoff and an actiontec moca bridge connected to my switch.

 

[theonlyski]

For VZ Fios netoworking altered beyond the default config I STRONGLY recommend reading the following:
http://www.dslreports.com/faq/16077

I am using the 9th option with my own router using an ethernet handoff and an actiontec moca bridge connected to my switch.

That's some of what I used to set mine up, very useful site. The reason I asked about the requirement for remote DVR management and on screen Caller-ID is because that option doesn't support it.

Does not support remote access to DVR, on-screen caller id or VZ's CPE management interface (see note #3 above).

I am doing more like the 3 router setup listed on that page.