Need Advice in Advance Home Network

[kamran1998]

Hi,

I plan on upgrading my homenetwork by purchasing a Mac Mini Server, and use it as a webserver, mailserver, timemachine, file sharing, and VPN. I currently have the LaCie 5Big NAS Pro for sharing files on the local network, but could use an upgrade in features and performance. My current internet speed is by Cox, I have 180MBPS download and 50MBPS upload.

Now I have several questions, I have port 80 and 25 blocked, will I have any issues in setting up a mail server or webserver? (Is it possible to ask COX to unblock them?) Addionaly, I am unsure if I need a hardware firewall, Netgear has a VPN & UTM firewall, if I need a firewall can you please provide me with a type and specific model number? Below I listed a few possible scenarios for my network setup, please tell me which is the best for my needs or a totaly different setup.

1. Modem => Airport Exteme => Mac Mini Server => Netgear Switch

2. Modem => Netgear Firewall => Airport Extreme => Mac Mini Server => Netgear Switch

3. Modem => Mac Mini Server (Use as Router) => Airport Extreme (Bridge) => Netgear Switch Will I need a firewall software on my Mac Mini with this setup?

Anyother Solutions?

Anyone have a similar setup?

Thanks!

 

[satcomer]

Hi,

I plan on upgrading my homenetwork by purchasing a Mac Mini Server, and use it as a webserver, mailserver, timemachine, file sharing, and VPN. I currently have the LaCie 5Big NAS Pro for sharing files on the local network, but could use an upgrade in features and performance. My current internet speed is by Cox, I have 180MBPS download and 50MBPS upload.

Now I have several questions, I have port 80 and 25 blocked, will I have any issues in setting up a mail server or webserver? (Is it possible to ask COX to unblock them?) Addionaly, I am unsure if I need a hardware firewall, Netgear has a VPN & UTM firewall, if I need a firewall can you please provide me with a type and specific model number? Below I listed a few possible scenarios for my network setup, please tell me which is the best for my needs or a totaly different setup.

1. Modem => Airport Exteme => Mac Mini Server => Netgear Switch

2. Modem => Netgear Firewall => Airport Extreme => Mac Mini Server => Netgear Switch

3. Modem => Mac Mini Server (Use as Router) => Airport Extreme (Bridge) => Netgear Switch Will I need a firewall software on my Mac Mini with this setup?

Anyother Solutions?

Anyone have a similar setup?

Thanks!

To have your own Mail Server is problematic at almost every ISP. To do a Mail Server you have to have a Business Account, not a consumer account. Plus I would look at Synology Products because with their new DSM software you can do a lot of things a server used to do.

Plus IMHO the Airport Extreme would be your best bet because the OS X Server automatically configure it when you add services.

 

[jcbhammond]

As mentioned you could have some issues with ports through your ISP. Some ISP's like to block certain ports to ensure that users buy the more expensive business solutions when dealing with mail and web servers. Also some ISP's like to switch up the assigned IP's they send out to the router. This again will be an issue when trying to access mail and web servers.

Your first option should be a decent setup for home use. But I'm going to defer to a more knowledgeable person on the firewall issue.

 

[talmy]

As others have said, forget the web and mail servers. Not only would you need a business account, it's less expensive to have these hosted for you than to do it yourself. If your modem doesn't have router functionality you will need a router. An Airport Extreme will do and nicely integrates with OS X Server. You will want a dynamic-DNS server (I use Dyn) and a domain name (I use the one I've got for the hosting service and just set up a subdomain record to point to my Dyn account). This will give your server a domain name and gets around your dynamic IP address.

My setup (FiOS) uses their supplied router with Wifi, DNS, and DHCP services turned off. Since it's their device connecting to their network, that keeps them happy. I use an Airport Extreme in bridge mode for my wireless access point and a Netgear Ethernet switch. There are 13 devices (mostly computers) on the network plus occasional guest computers.

I've been running it for 4 years now, starting with Snow Leopard Server. Configuring has gotten simpler. I recommend the set of videos on setting up Mavericks Server on Youtube by Todd Olthoff. My personal experience is here

 

[kamran1998]

Thank you all for your response,

Currently I am hosting 3 websites, two of them are actual sites with visitors but doesn't get much traffic and I am sure my internet connection is fast enough to host them. The other one is a family site, which receives very little traffic, it's primarily used as a forwarding mail server, therefore it just forwards whatever email it receives. I am currently paying, $120 yearly for my current hosting bill.

Additionally, I saw this company: http://www.noip.com/, it allows you to host a site and mail server for $30 yearly even if your ISP blocks port 80 and 25. If anyone uses COX, do you know how much there business plan cost?

My current network setup is already advance, (Attached Pics of Setup). I already have the Airport Extreme and other network equipment. Regardless of a webserver and mailserver, I am planning on selling my LaCie 5BIG NAS Pro on Amazon and upgrading to a Mac Mini Server which is connected to the LaCie 5Big Thunderbolt 10TB and use that as a server.

With that being said, I am not planning on purchasing anything that I wouldn't purchase if I was running a webserver or not. With that being said, should I still run a webserver and mailserver, my sites run wordpress, or should I continue to pay $120 yearly for them with Dreamhost?

Also, which Netgear firewall do your recommend? I have 50 devices on my network.

Thanks

 

[talmy]

Currently I am hosting 3 websites, two of them are actual sites with visitors but doesn't get much traffic and I am sure my internet connection is fast enough to host them. The other one is a family site, which receives very little traffic, it's primarily used as a forwarding mail server, therefore it just forwards whatever email it receives. I am currently paying, $120 yearly for my current hosting bill.

Additionally, I saw this company: http://www.noip.com/, it allows you to host a site and mail server for $30 yearly even if your ISP blocks port 80 and 25. If anyone uses COX, do you know how much there business plan cost?

Noip.com is a dynamic DNS service like DYN that I mentioned in my post. It allows you to access your home server by a domain name (either one they supply or your own if you have one). You would want this for VPN, as well as the web and mail. However your terms of service with COX undoubtedly prevent you from running a web server and it is difficult to get other mail servers to connect to yours if you are on a residential account (this is to prevent spam). A business account would remove the restrictions and would give you a static IP address so you wouldn't need a dynamic DNS service. But it would cost you more than that $120/year you are paying now.

 

[kamran1998]

Thanks for your response, even though my IP is dynamic it hasn't changed in the past two years. With that being said, is it possible for me to use a different port. How about SSL only and use port 443 for my sites?

And I do run a website at home, is it possible to block port scans so cox doesn't find me?

Thanks

 

[talmy]

Thanks for your response, even though my IP is dynamic it hasn't changed in the past two years. With that being said, is it possible for me to use a different port. How about SSL only and use port 443 for my sites?

And I do run a website at home, is it possible to block port scans so cox doesn't find me?

Thanks

Yes it is possible, but if they find out you may be permanently disconnected. You can't block port scans, but if your website is just on your LAN it doesn't go out and you are safe.

 

[jcbhammond]

The issue isn't really that you can't host mail and web servers from home, but it is difficult and you lose out on the security and maintenance features that Dreamhost is providing.

I would say play with it if you want to see if you can get it doing what you want then make your decision.

That said there is a lot more that you are paying a hosting company for than just speed. If it was a small family website or game server for your 3 closest friends, their is less of an issue, but when looking at commercial applications Cox will start to get very mad at you.

 

[sevoneone]

If you are just running Wordpress sites, have you considered rethinking the plan(s) you have with Dreamhost? They have a WP optimized managed virtual server package that runs $20/mo per site right now.

That would cut your current costs in half. Depending on what type of traffic and content you're hosting you might be able to save more.

Take the savings and put your domain on Google Apps for mail/contacts/calendars. If you don't like Google, you can get hosted Exchange accounts for roughly the same price from Intermedia.

Even after that, you'd have enough left over for a DYN account which you can point at your home server for VPN, File and Directory services. Profile Manager is handy too if you've got multiple Macs and iOS devices around the house.

 

[kamran1998]

Hi,
On dreamhost I pay $10 monthly for all of my domains, but I need to pay for the domain registration of course.

Do you recommend any VPN firewalls then? Preferably Netgear?

 

[mvmanolov]

Hi,
On dreamhost I pay $10 monthly for all of my domains, but I need to pay for the domain registration of course.

Do you recommend any VPN firewalls then? Preferably Netgear?

i'd setup a VPN on the server rather than getting a VPN firewall. for a FW i'd get a Netgear UTM10 or a Zyxel USG50/100

 

[kamran1998]

Hi,

Will the UTM10 be sufficient for my needs, about 50 devices on my network. Internet speed 180 down and 50 upload? Also, some are offering 3 year service what is the that service?

Thanks

 

[BrianBaughn]

Sounds like you've got your mind made up to do what you want to do.

I'll just throw it out there that domain names are cheap ($10/year or so) and hosting can be, also ($1.29/month at hostmantis.com).

 

[kamran1998]

Thanks, so just to confirm should I go for the UTM10 firewall?

 

[mvmanolov]

Thanks, so just to confirm should I go for the UTM10 firewall?

buddy, you really need to do some research on your own.... you know your network/needs best so you should figure out if the UTM10 fits the bill.... read the product description, read reviews, but most importantly read.......

asking others to do the leg-work for you is somewhat insulting.... we can give you suggestions and point you in a direction but are you seriously asking us to learn your network, your needs, do the research figure out what product is best suited for you and then tell you what to buy....? C'mon!

I mean there are people that will do all of this for you... but they will also charge you accordingly!!!! So buckle up, put on your "grownup hat" and do your own research....

 

[kamran1998]

Apologies "mvmanolov", yes I did research on the UTM models but found little to no information about them. I didn't want someone to configure my network setup, but just wanted the opinion.

 

[mvmanolov]

Apologies "mvmanolov", yes I did research on the UTM models but found little to no information about them. I didn't want someone to configure my network setup, but just wanted the opinion.

http://www.ca.netgear.com/business/products/security/utm-firewalls.aspx

http://www.itpro.co.uk/623377/netgear-prosecure-utm10-review

http://www.smallnetbuilder.com/secu...-unified-threat-management-appliance-reviewed

http://www.amazon.com/NETGEAR-ProSE...s/B0036ZCE64/ref=dpx_acr_txt?showViewpoints=1

http://www.storagereview.com/netgear_prosecure_utm150_review (Just for comparison)

http://www.eweek.com/c/a/Security/Netgear-Brings-Enterprise-Security-to-the-Branch-Office-871405/

http://www.scmagazine.com/netgear-prosecure-utm25/review/3219/ (another comparison)

http://www.cso.com.au/article/393735/unified_threat_management_device_roundup/


And all of this was me spending about 10 minutes on google.....!!!!!!