I'm looking for some suggestions on a homelab setup to study for a cybersecurity cert and generally learn networking.
DNSSEC would be a plus but not a requirement, don't need alot of range, price not huge issue but prefer something new that doesn't cost $300 & is near impossible to brick.
I'm thinking about buying the GL.iNet GL-MT6000- for network segmentation, not a Dumb AP.
I also have a Protectli Vault 4WC and a Pi 400 w/ only 4 gb of Ram that I'd like to incorporate into the homelab. Any suggestions?
Maybe use the Pi for a server and the Protectli for a firewall?
Why neither the Zimaboard nor the Protectli vault are officially approved or supported hardware devices?
My friend btw installed Openwrt on a Banana Pi, which is as far as i can tell is a semi-supported device, but he's way better than me tho. I'm not so sure I could do that...
From a quick Google search, aren't they x86? Then you can just install it as any other x86 machine by following https://openwrt.org/docs/guide-user/installation/openwrt_x86. The devices that show up in for example the firmware selector are SoC:s that need bespoke firmwares, which x86 doesn't. You will need to install any necessary drivers not part of the base image, but if you're only planning to used wired networking that should just work out of the box.
For a modular setup, something like this could be used
router: Protectli Vault 4WC
switch: Netgear GS305E
accesspoint: GL.iNet GL-MT300N
client: Pi 400
No, I wasn't aware that x86 hardware doesn't need to be on the approved list.
Those install directions look pretty hairy. The openwrt install instructions from Protectli are the same.
I feel like maybe I can do it but I'm just as likely to brick the device.
I want to start learning how to install this kind of open source hardware, but maybe I should buy the out-the-box solution.
Thanks to everyone who replied. I really appreciate it.
I'm kinda bummed bc the Pi i thought i was going to use this morning when i woke up doesn't have enough RAM for Luci, and then early this afternoon I realized my 4-port Protectli is different than the 4-port Pro version I saw Techno Tim use to install openwrt on proxmox. Sigh.
Brada is right I should try building a home lab with Virtualbox. I also really appreciate dannil explaining to me that x86 devices don't need 'bespoke firmware' (i had to look that term up) and hence don't need to be on the approved list. He also said the MT6000 is unbrickable and is a great first device for newcomers so I'm probably going to buy one of those.
I also sent in a support ticket to Protectli asking for help getting Openwrt set up and what should I do for recovery if I mess up the install.
I bought that Protectli for pfSense before I realized pfSense doesn't have secure wifi.
Are all of you computer science majors or something? How you learn how to do this stuff? I really want open source software but i don't know how to install it- like, i bought a brandnew Google Pixel 7 Pro for Graphene OS n couldn't install it..
How i learn how to do what u guys do?
Buy an MT6000, install it on Protectli, and/or set up a homelab w/ Virtualbox?
This is the Way?
Figure out how to run OpenWrt on an x/86 and then try to study.
Although, my gut says, you are trolling for us to do your homework for you.
I don't care if you are trying to cheat: the class after me were allowed Texas Instruments calculators while we had slide rulers.
I care you may be trying to use us absent an admission.
My 1st generation Pi 1B (a decade old) with 512MB ram can still have OpenWrt with Luci, I wonder if you can buy a Pi that's worse than mine??
Protectli, different models different CPUs, just a matter of speed, your 4WC has quad core J3710 which is quite OK for most use cases (if you need SQM with 1Gbps probably not).
Just like your home PC, if your desktop/laptop OS messed up, what should you do?? If you know how to answer this question, it's the same for your Protectli. It's just a PC with more ports, different hardware, you can even install Windows on it to make it a desktop PC if you want. This is just something like PC 101 question.
If you don't even know how to think in this way, I am curious how would you step into the world of cyber security??
Sometimes I am thinking, maybe just use the USB OpenWrt dongle (get small form factor one like Samsung FitPlus/Lexar JumpDrive S47) with squashFS and call it a day....we don't even need to install any drive inside the machine.
R u serious?
I thought for sure I read on the official openwrt website that 4gb of RAM was only enough to run Openwrt from the CLI and that LUCI needs 8gb bare min or pref 16 gb RAM.
Openwrt on a Pi Zero?
holy crapola
wow that's impressive
So maybe i'll try that openwrt install on my Pi and use the Protectli for the server I need. I haven't really decided whether to buy the MT6000, try it on my Pi, or nevermind about the third option.
Protectli warned me against trying to install openwrt after I filed the Support Ticket they replied vey promptly...
We have an article here that gets used many times a day to install pfSense. It’s a step by step tutorial so pretty easy to follow: https://kb.protectli.com/kb/how-to-install-pfsense-ce-on-the-vault/
OpenWRT is a good option but it isn’t as feature rich as pfSense or OPNsense. We have a Knowledge Base article on installing that but it’s harder to install.
If you don't even know how to think in this way, I am curious how would you step into the world of cyber security??
I was hoping I could learn, since I'm keenly interested. I'm great w books and taking tests n theory but applying these things on a keyboard I'm lacking and is holding me back.
I have 10+ minor Coursera certs & i recently earned my Google Cybersecurity cert already n now I'm (almost) 3/4ths thru the CompTIA Security + SCY-701.
That will be my first cert w/ a proctored exam at the end so i figured f i can pass that then i'll just keep on going until I can get a job.
You ARE a computer science major!
Congratulations.
I had friends in that department when i was trying to be a physics major there for awhile.
I'm not trolling you, friend. This isn't my homework.