Permanently connect server to lower subnet

Cheaper than a managed switch, though that's the "right" answer, in my opinion.

1 Like

Yes but with along with 50m of cable i would need to get the plugs and crimping tool it become not that cheap. Oh and the threader thing to thread the cable.
But i agree it's the first thing I thought of besides the vpn, was just hoping I could get away without buying more stuff.

Also just had a look 50 meter of cat5e is 30 euros here on amazon, 18 for a crimping tool with terminals other 30 for a cable threader.. :sleepy:

  • Buy a pre-crimped one, then (i.e. above)
  • You can also use IPENCAP instead of Wireguard, less CPU overhead; but the traffic is unencrypted over the LAN

Are you kidding?

@jeff just showed one for $8.95 US, no tools needed!

I found it for $6.50 US:

It will be very fun to thread pre-crimped cable in a 25mm tube with other two already inside it :slight_smile:
And on my amazon 50 meters of pre crimped is ~25-40 euros.

1 Like

OK, in addition to an oven, you now have a conduit...This just keeps getting more and more complex...

It helps if you tell us all of your physical limitations, FIRST.

Well you know there are walls, doors. The oven is the apartment where I setup my network which has no double roofing so atm temperatures around 40 celsius.
The switch is two walls/rooms away so I cannot just lay a cable along the floor and all the electrical tubing in the walls is already quite full.


And I'm guessing the ISP router won't do VLANs?

If not, I suggest in this order:

  • Managed switch
  • Cable
  • Try to see if you can tag VLAN 1 and keep untag VLAN 2 on WAN - then setup server to tag VLAN 1
  • IPENCAP to reduce CPUs
    IPENCAP and testing tagging cost €0.

If a new lan cable in the conduit is difficult and you can't get a managed switch, then this is still an option.

Also setup firewall on your server

1 Like

Yes no vlans. The bothering thing is you said IPENCAP and tags from what I read don't really protect the traffic. And on the ISP router there are many many people I don't know, consider it a public network with ~50 different people connecting each month.

@mbo2o does that protect my traffic? And yes firewall is already up.

1 Like

Your traffic is public to lan 1, if you need to protect take extra steps to encrypt it

1 Like

So it boils back down to

  • Cable
  • Managed switch
  • VPN


1 Like

You don't need to replace the existing unmanaged switch if that is too expensive.

You could add a small managed switch between lan 2 and the unmanaged switch to setup vlan.


Add an openwrt router between instead of small managed switch


Move your current openwrt router to the same location as the server and add an unmanaged switch to original location.

1 Like

Like another one of those GL.Inet would do the job?
Sorry but don't you mean to place it between the server and the unmanaged switch?
Yes also thought of moving the router but then no wifi for me.

Yes and no

After you add it move the server connection to the new device, because you want it on lan 2

Damn you got me all excited thinking of moving the third router which is not that far away and works just as a wifi access point (GL-AR300M).
But then I remember I got the lite 1 lan port version to spend less :expressionless: