Show us your Firewalla, and Win BIG!

Pinned Featured

Comments

165 comments

  • Avatar
    Dean Nash

    Firewalla Gold sitting on top of the conquered (and replaced) Cisco 1900, Cisco 5508 WLC, and Cisco WS-C4503.  

    5
    Comment actions Permalink
  • Avatar
    Keith Jenkins

    I just recently organized our setup! Simple home WiFi setup with the Red version. Rural speed network (8Mbps) and typically two people at home, while running on Simple Mode. This little guy has stopped a few intrusions! The thing I wished they came with is a mounting bracket/piece!

    2
    Comment actions Permalink
  • Avatar
    Martyn Bristow

    A somewhat cluttered network at the minute, currently turned off to recable ...

    But I have a:

    • *new FirewallaPurple
    • Synology NAS for Data Storage, MySQL and Website hosting
    • RaspberryPi3 running: Grafana
    • RaspberryPi3 running NoIR Camera & EnviroPhat monitor
    • Hue Bridge
    • Hive Home

    I've also got Pi4, Pi400 and PiZero camera on the wifi.

    All hooked up through a Netgear POE Switch

    I'm currently using the FirewallA Purple as a VPN via OpenVPN & Wireguard for remote access to my network
    Currently using the mDNS and overlay network til I fit a new wifi hotspot

    2
    Comment actions Permalink
  • Avatar
    Brian Shimkus

    It's not pretty, but it's been rock solid for quite some time now.  As an original beta tester of the Gold, I have to say it's been one of the most well design, reliable, and downright fascinating products I've ever used.

    Support from the Firewalla team is top notch and they genuinely listen to feedback from users.

    My Gold is operating in router mode, with 940/940Mbps fiber connection, with four Eero wireless access points (operating in bridge mode), and a couple of PoE switches for cameras.

    Would love to get around to cleaning up the cabling, but when you never have to go mess with hardware, it's hard to justify the time.  :-)

    2
    Comment actions Permalink
  • Avatar
    Chris Pickett

    I have to live on the firewall. The kids keep finding new stuff to get into, or new things they have to get into. Between laptops, Switches, 3DS'es, smart TV's, Alexas, smart home technologies, iPhones, iPads, Android tabs, Chromebooks, servers, old machines being re-deployed, trusted guests and their trusted devices and more, I'm handling a LOT of devices to the point where I'm going to make a new network just for "smart home" stuff. I'm also deploying multiple WIFI networks so we can maximize the 600MB throughput on the Comcast box. At the same time, no more "up all night" binge watching on Netflix or gaming or venturing into non-approved parts of the internet.

    Each kid has their own group and devices. I have some other groups I can move into, such as "restricted", "unrestricted" and "adjusted time".

     

    I was going to buy a second for my former day-job, but I never got around to it before that job and I parted ways. Site to site VPN! Well, the routers did that anyways, but the Firewalla offered me some extra options.

    That little Blue Plus is a hard working little device. Simple mode is NOT simple! Don't let the name fool you. It's simple to use, simple to manage and it does a lot more than a tiny little box should be allowed to do.

     

    2
    Comment actions Permalink
  • Avatar
    Robbie Pearce

    Firewalla Blue Plus 

    A not so small task made easy by Firewalla; blocking all the things and keeping the family safe. 😃

    1
    Comment actions Permalink
  • Avatar
    Chuck Gwin

    Aloha to all.

    I used my Firewalla Gold in router mode as a centerpiece of my Capstone project to reconfigure, and segment my home network/lab.  The focus of my research was to identify and mitigate the known security risk of consumer-grade IoT devices to a Home Area Network (HAN) using standard network management methodologies.  To find these risks I used Greenbone® Vulnerability Management software version 20.08 (GVM) running under a guest ParrotOS v4.10 virtual machine (VM) configured in the software’s security model with host services provided by VMware Workstation 16 Pro, version 16.1.0, build-17198959 running on a Microsoft Windows 10 Pro workstation.

    Attached are two photos of the Firewalla Gold installed in my in-wall media cabinet.  The first was taken under flash, and the second without to show operation as indicated by lights. The third picture shows the final network configuration that isolated all known security risks from the primary data layer of the HAN designated as LAN 1.  LAN 2, and LAN 3 are segmented and isolated from internet access by the Firewalla Gold with LAN 1 access via WiFi being isolated through the strict use of non-privileged Guest accounts with resource sharing disabled.

    In the end, this was an extremely fun project, and one I hope is worthy of this contest's first prize - a Magnificent Firewalla Gold!  Of course, I will settle for a Purple too, but do know that the Gold is the standard to beat - bar none!

    3
    Comment actions Permalink
  • Avatar
    gonzales.aaron

    This is a my 2nd Firewalla for my home network, I started off with a blue. I upgraded to a Gold this summer. For starters, I have all gear except the APs inside a “hidden” in a cabinet in our guest bedroom. My ISP is Xfinity, I am using a Motorola modem connected to the Gold in router mode. From there, it runs out a Cisco 2960CG switch that breaks out to a vonage box for voice and the connections to the Netgear WAX610 WiFi 6 APs. Everything we have here is wireless, but I am planning on the turning this room into my office. When that happens, I will use some wired connections to gear that will be setup permanently.

    Recently, my service with Xfinity was upgraded 1200mbps, so I will have to upgrade my modem and switch. Everything caps out at 1G and the APs can do a 2.5gbps wired connection.

    2
    Comment actions Permalink
  • Avatar
    Phil Sharp

    Gold Simple Mode & OVPN server. Never offline.

    UDM-Pro 10Gb Fiber LAN Pi4 Pihole UISP Server (top right)

    ~150 daily devices

    Cable 450/25Mbs WAN1

    ATT DSL 18/1Mbs WAN2 (failover)

    5
    Comment actions Permalink
  • Avatar
    John Radway

    This is a network rebuild for a cabin resort spanning 10 acres. The previous IT company basically gave up, the WiFi was almost non-existent, they had to revert back to land line as VoIP was inoperable most of the time. They had an ISP for Office & Cabins, with a separate ISP into the house all on the same property... it was a mess! They have a young teenager trying to enjoy gaming with endless problems, low bandwidth, malware, unstable connections etc., Firewalla Gold solved all these problems. The area doesn't support more than 50/10 MB, by adding  a dual ISP input at the Office (removing the overpriced house ISP), Firewalla combined the bandwidth to 100/10 MB with load balancing providing throughput to support all their needs. They now have 10 acres of stable WiFi coverage, owners, kids & guests all able to enjoy the internet anytime. I've been back a couple times to check in, but mostly just to relax as Firewalla is taking care of business. Other nearby resorts have reached out for network rebuilds/upgrades after hearing so much positive feedback. 

    Thanks Firewalla Gold for making IT life more enjoyable, there's no doubt what I will be using on future network builds.

    5
    Comment actions Permalink
  • Avatar
    Nosterzab

    As cool as my wife will let me be!  :)

    Pretty simple. Family room 'rack' (or lamp stand in this case.)   Dual cloud setup with multiple terabyte backups. Gaming wireless router for my family and a 1G connection.  Gold is in router mode. Integrated flawlessly!!  I will be adding another ISP connection for work purposes as well.  Love to show my employer what this can do!

    If chosen as a winning setup, I'll add another Firewalla.  That'll drive spouse nuts!! (kidding, of course.)

    1
    Comment actions Permalink
  • Avatar
    Steven Van Dyke II

    3
    Comment actions Permalink
  • Avatar
    David Rouleau

    Because it sits in a common area of our home, I had the challenge of making my network functional, tidy(!), and out of the way.  This is the top of a bookshelf that stand beside my desk.

    From right to left, you can see my UPS, cable modem, NAS (storage and media host), primary WiFi AP, and my Firewalla Gold.  The Firewalla is my router and DHCP server serving 2 separate internal subnets, one for the regular access to all networked devices (WiFi, NAS, printers, etc), and a second for wired work systems that only has Internet access and cannot see any other internal peripherals.  The first subnet gives priority to video-conferencing for work and the two university students in my home.  The second subnet has more access restriction to prevent company devices from accessing (and logging) prohibited materials on the Internet and reducing exposure to potential threats from "questionable" websites.

    So, the wife is happy with the appearance and I am happy with the functionality and performance of my network!  thanks for putting together such a great security device in such a small, tidy package!

    1
    Comment actions Permalink
  • Avatar
    Flea

    Here's my current closet setup. I'm violating a couple of Eero specific rules here (topology and mounting position), but things have been working perfectly since implementing this, so I'm sticking with it:

    ONT -> FWG in router mode

    • FWG Port 1 -> Legrand 8 port switch -> Rooms with wired devices.
    • FWG Port 2 -> Eero Pro 6 gateway in bridge mode -> TPLink 5 port switch -> two more wired Eero Pro 6 units in other parts of the house for full coverage.

    I isolated the Eeros because:

    1. Don't really see the point in forcing the wired devices to go through the Eero, and I have no need to see them in the Eero app
    2. This allows me to reboot the Eeros whenever I want (like when updates are available) without impacting the equipment in my or my wife's offices, since our laptops (when docked) and other work equipment are all wired.

    White cables are all coming in from outside the enclosure, blue are patch cables between devices inside the enclosure. Ignore the RG6 bundled at the top, we don't use cable anywhere in the house, so these aren't connected to anything. The UPS at the bottom of the enclosure keeps everything (including the external ONT) live during power blips :)

     

    1
    Comment actions Permalink
  • Avatar
    Scott Harrington

    Small but mighty

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    If you are posting with the QR license code in the picture, I am going to hide it. Please do not take a "clear" picture with the Firewalla QR code in. 

    0
    Comment actions Permalink
  • Avatar
    Regis

    SpaceX Starlink + Firewalla Gold + 50 devices

    My Firewalla Gold protects my network from all interstellar threats with skills and style.

    SpaceX Starlink dish
    Starlink PoE box
    Starlink WiFi Router (Useless, removed, shown for picture)
    Firewalla Gold (Router Mode) MY PRECIOUS
         - DSL box (Link aggregation testing in progress) not shown, from basement using TP-Link’s Powerline adapters

         - Netgear Orbi Pro SXR80 (AP Mode) WAN+4 ports switch
              - Eufy Security HomeBase #4 (ethernet)
                    EufyCam 2 x2 (WiFi 5)
              - HP Omen PC x2 (WiFi 6)
              - HP Printer (ethernet+WiFi)
              - Apple MacBook Pro (WiFi)
              - Apple iPad Pro x2 (WiFi 6)
              - Apple iPhone Pro Max 12/13 x3 (WiFi 6)
              - Apple Watch 6/7 x3 (WiFi)
              - HP Printer (ethernet+WiFi)
              - FlightScope Launch Monitor (WiFi)

              - Netgear Orbi Pro SXS80 1 (WiFi backhaul, basement) 5 ports switch
                  - Synology DS419 Slim (ethernet)
                  - Eufy Security HomeBase #1 (ethernet, basement)
                        EufyCam 2C x2 (WiFi)
                        EufyCam 2 x2 (WiFi)
                  - Eufy Security HomeBase #2 (ethernet, basement)
                        EufyCam 2C x2 (WiFi)
                        EufyCam 2 x2 (WiFi)
                  - Eufy Security HomeBase #3 (WiFi, garage)
                        Video Doorbell 2K x2 (WiFi)
                  - Apple TV 4K #1 (WiFi)
                  - Sony Smart TV 4K #1 (ethernet)
                   
              - Netgear Orbi Pro SXS80 2(WiFi backhaul) 5 ports switch
                  - Apple TV 4K #2 (ethernet)
                  - Sony Smart TV 4K #2 (ethernet)
                  - Sonos ARC (ethernet, SonosNet) + Sonos ONE x8 (WiFi, SonosNet)
                  - Philips Hue Bridge (ethernet)
                  - Nuki Smart Lock Bridge (ethernet)
                  - Thermomix TM6 (WiFi)
                  - Dyson 360 Eye (WiFi)


     

    1
    Comment actions Permalink
  • Avatar
    Scott Harrington

    should i delete the post and redo the photo?

     

    0
    Comment actions Permalink
  • Avatar
    Jeff Uslan

    Firewall Gold Test Lab

    2 rack mounted Firewalla Gold's each on a separate 1/1 GB Frontier FIOS

    1 Firewalla Gold (another 1/1GB connection) to test unit used to cut / paste "rule" set adds and send them to IT for 7/24 support of remote users

    Supporting presently 10 @ home users (going to 20+) working for a Post-Production environment.

    Firewalla Gold's are used to protect content via VPN to our FortiGate F/W - isolating it from any external "Internet" access and to separate our user from their personal home network, including wireless, access to any form of social media, rouge users / room mates trying to attach to the any of the open ports on the Firewalla.

    Testing includes the use of Mac & P/C, NAS Devices, client-end users SonicWall, VoIP and wireless only connected end users from 4 different ISP's and their routers with various end-point connectivity. 

    Software testing for appropriate rule sets being used include Outlook / Exchange, Zoom, MS Teams, Slack, Yealink VoIP phones over a Zoom "Phone" managed network. 

    All this and porting each Firewalla's configuration / rule sets to 5 ~ IT support group company iPhone.

    Fun ...

    1
    Comment actions Permalink
  • Avatar
    Mikey

    The rack of the equipment that lives in my closet.  I use FW Gold for all entry/exit traffic from the house.  Both the FW devices are near the bottom of the rack.  The gear is mostly Ubiquity Gear roughly wired as below:

    The bottom half of the cabinet is all networking gear.......the top part is for whole house audio/video

    Both the FW Gold and the FW Blue connect to VPN destinations offsite (Remote FW's are both Blue's).

     

     

    2
    Comment actions Permalink
  • Avatar
    Andrew Wheeler

    My setup is in the entertainment center:

    Firewalla Purple (in router mode) in-line between the 1Gbps Fiber modem and eero pro 6 tri-band mesh network (in bridge mode). Eero uses a wired backhaul to the other eero on the opposite side of the house to provide full WiFi 6 coverage. Multiple unmanaged switches are used to bypass the eero for wired connections. Apple TV 4K next to a Smarthings hub. Farside has an Nvidia Shield and DirecTV Stream set-top box. TV is a 77" OLED LG C1 (2021). Powered by Klipsch speakers in a 7.1.2 Atmos configuration. I love all of it!

     

    3
    Comment actions Permalink
  • Avatar
    J G

     

    Firewalla Gold in Router Mode

    Primary Network:

     

    Hotwire > Firewalla Gold  > Linksys MR9600 > 5 Linksys Velops

                             |

    Netgear GS716T 16 port Switch

                         |

    Synology NAS 920+, Vivint Smart monkey

     

    I love the capabilities of the FWG, being able to manage over 36 devices. Like my VPN, Local File shares, Local NAS, UPS, computer Backup.

    I have a stable network environment with NO Complaints. However, I can't wait for the 1.48 update and when the wifi adapter comes out for Firewalla Gold!

     

    Thank Firewalla!

     

     

     

     

     

    2
    Comment actions Permalink
  • Avatar
    Tom Matthews

    Firewalla Gold, in router mode, running 3 distinct networks on the LAN ports - 1 for IoT devices, 1 for gaming, and 1 for everything else. In the pic, a Raspberry "Pi hole" to keep the ads out, two NAS units for media and files, and a small monitor for local admin on all the devices as needed. Not shown - a Firewalla Purple for use during worldwide travels and secure VPN back home to the Firewalla Gold.

    2
    Comment actions Permalink
  • Avatar
    Chris Mcmanus
    Due to a delayed delivery of my new Firewalla Purple, which just arrived this evening, I had to rush to get an entry in. This style of entry is a small movie. I might not be eligible with a movie, but it came out cool. 
    This is the Facebook link to the movie. It will be live until the contest is over.

    https://www.facebook.com/1334481160/videos/240208591536974/

    Enjoy all and be safe.
    1
    Comment actions Permalink
  • Avatar
    JM

    2x Firewalla Gold's that were daisy chained and both set in router mode, final configuration is TBC, as i am currently playing around with a couple of ideas before i decide on the final configuration and set-up, which may end up looking something like the following network structure:

     

    -----

    1.0:  internet  <--->

    -----

    2.0:  modem (bridge mode)  <---> 

    -----

    3.0:  FWG #1  (primary router)  <--->

         *all LANs 2-way isolated from each other

         3.1:  WAP #1 Guest WiFi (not in picutre)  <---)))

         ---

         3.2:  security cameras / printer / mini-PC (future print server, DMZ, other??) / TBC  <---||

         ---

         3.3 / 4.0:  FWG #2  <--->

    -----

    4.0:  FWG #2  (secondary router & fire wall, and potential future mini NAS on the internal m.2 SSD)  <--->

         ---

         4.1:  WAP #2 private WiFi with hidden SSID  <---)))

         *isolated from all other local LANs 

         ---

         4.2:  LAN main secure network / switch / NAS, etc as required  <---> <---> <--->

         + access to mini-NAS, printer, etc.

         ---

         4.3:  printer / security cameras / TBC  <---||

    -----

     






    1
    Comment actions Permalink
  • Avatar
    Eric Wiles

    I'm running this setup at DHCP for each lan. 

    Me and my neighbor, who's connected by fiber to my house, are splitting the ISP bill. 

    Whole lot of wifi devices were left out but this is what it's in a nutshell. 

    I have a separate network/port dedicated to my neighbor, then two other lans for myself. 

    One is for all of my wired network and my secure wifi. When I mean secure anything with personal information/date is plugged into that network. Then another unsecure lan network goes to another mesh network only for smart devices that reach out to foreign countries for patches and to operate. This setup gives me apiece of mind. 

    Firewalla is the best, hands down....glad i purchased it two years ago! 

    Going to use the Firewalla blue to connect via VPN back to my Gold at my house before going out next!

    1
    Comment actions Permalink
  • Avatar
    Charles Smith

    Guard Duty with Firewalla Gold---

    My Firewalla Gold is located under my desk and is well guarded by my cat named, "Trouble".

    The Firewalla Gold is in router mode with DNS over HTTPS, Device Quarantine, and Wireguard VPN.  The VPN is currently set up as in a server/client operation for access into my network when I am traveling.  Future plans are to have a Firewalla with me on my travels that will establish a site-to-site VPN to my home network.

    There are three switches connected to the Firewalla, one being a Netgear router set in AP mode primarily to provide wireless connectivity (see network diagrams).  The Netgear router was my router which connected to my ISP's router before I acquired the Firewalla Gold.

    Looking forward with plans to establish network segmentation leveraging the features of my Firewalla.

    I would love to see a future version of Firewalla with a minimum of five (four LAN, one WAN) SFP+ interfaces capable of auto-negotiating speeds from 1Gbps to 10Gbps.

    1
    Comment actions Permalink
  • Avatar
    Rob Marles

    In transition mode - I am still trying to get a proper rack together for the equipment, so right now it's just sitting in my shop :/  Firewalla gold running in router mode.  Until I got the Firewalla Gold, I was running pfSense via a dedicated WAN nic in the VM host underneath the switch.  I have two Aruba AP22s that are replacing older Aruba IAP225 (one of each pictured).  These are also new and need to be mounted.

    It's been a while since I've looked at the network diagram I made (more to help the family in case something happens to me!), so I quickly updated it for this but definitely needs to be recreated: 

    2
    Comment actions Permalink
  • Avatar
    Bruce Wilson

    This is my basic setup. ISP provided router (unavoidable) connected to my Firewalla Gold which then services my home network. Currently using a Linksys Velop AP and gigabit wired connection for most devices on my network. Next upgrade is to move IoT off to their own AP.

    1
    Comment actions Permalink
  • Avatar
    nilwon

    Hey All,

    Definitely Loving my Firewalla Gold running in Router and handling my DHCP for the house. The WAP's are Eerro's running in Bridged mode. Here's the setup:

    Physical:

     

    Logical:

     

    Hope everyone is staying safe!

    2
    Comment actions Permalink

Please sign in to leave a comment.