Homesheild + seperate firewall

Homesheild + seperate firewall

Homesheild + seperate firewall
Homesheild + seperate firewall
2024-07-04 12:31:54
Model: Archer AXE300  
Hardware Version:
Firmware Version:

I want to use Homesheild as well as a separate firewall running opnsense or pfsense will this work?

  0      
  0      
#1
Options
3 Reply
Re:Homesheild + seperate firewall
2024-07-04 14:03:43

  @_________ 

 

If you plan to use a separate firewall like Opensense / pfSense there's no need to use the router HomeShield feature.

In this case the router should be configured in AP mode. If you insist on using the HomeShiled features, you could but in this case you'll have a double NAT in your LAN.

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  0  
  0  
#2
Options
Re:Homesheild + seperate firewall
2024-07-07 10:51:19

  @terziyski Thanks for the reply.

I want to use Homeshield for the features it gives me I cannot get from other firewalls so it's going to stay regardless.

 

It sounds like your saying it will still work to use both with the double NAT. Can that cause other problems?

 

I guess I was more asking if having a firewall between the homeshield enabled router and my modem is likely to cause any issues with homeshield phoning home or if it might be pointless because homeshield tunnels straight through/past it....I'm not really sure how it works!

 

I'm also open to other suggestions. I have many reasons for wanting a separate firewall, but one of them is to potentially protect against any abuse that could come from TP-Link themselves (intentional or unintentional) through the use of Homesheilds link to my router.

 

Thanks

  0  
  0  
#3
Options
Re:Homesheild + seperate firewall
2024-07-07 15:00:10

  @_________ 

 

Double NAT is not necessarily a bad thing if you decide to combine a dedicated FW and a Homeshield router. It can complicate port-forwarding when a service in your LAN need it.

I personally prefer to use a dedicated FW for a main router and configure the TP-Link device in AP mode (avoiding double NAT).

When I'm using an ISP modem it's usually configured in bridge mode so the FW router receive the public IP address on its WAN interface (again avoiding double NAT).

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  1  
  1  
#4
Options