By /

This enterprise-style homelab mirrors real-world IT and cybersecurity environments. Everything is racked, organized, and labeled for easy maintenance, while providing a realistic platform to test networking, security, virtualization, and VoIP setups.

Rack and Power:

  • StarTech 25U Rack keeps all equipment organized and ventilated.
  • CyberPower CP1500PFCRM2U UPS Implemented UPS power management to ensure graceful shutdown of R630 servers and NAS storage during outage.
  • CyberPower ST425S backup on the ISP router ensures a safe shutdown if needed.
  • Two StarTech 1U ventilated shelves hold monitor, keyboard, mouse, NAS, and VoIP phones.

Networking (Omada Bundle)

  • TL-SG2218 & TL-SG2210MP rack-mounted switches for VLANs and PoE devices.
  • TL-R605 Router, TL-SG2008, TL-SG108E, TL-SG105E switches, EAP660 HD and EAP650 Access Points, OC200 controller, M7350 hotspot.
  • Not all switches are used at once, but having extra gear is perfect for experiments or future expansion.

Firewall:

  • Replaced the TL-R605 with a Silverpeak / Aruba EC-XS appliance running OPNsense 25.7.
  • Wanted a standalone NGFW that doesn’t rely on my server being online; keeps my network secure at all times.
  • ISP router is set in bridge mode; OPNsense handles all routing, firewall, VPN, and IPS/IDS duties.
  • Specs: Quad-core Intel Atom, 16GB ECC RAM, 6x Gigabit ports, 120GB SSD.

Servers & Storage:

  • Dell PowerEdge R630: 2x E5-2690 v4 (28 cores), 128GB RAM, 2x 1TB SSDs in RAID 1 for VMware 7.0.4 Enterprise Plus with Kubernetes, plus 2x 3.8TB SSDs in RAID 1 for main datastore.
  • QNAP TS-673 NAS: 6x 6TB Seagate IronWolf in RAID 6, upgraded with an additional 8GB RAM for a total of 16GB, used for storage, Plex server, private cloud setups, and testing future plans.

VoIP / Video:

  • 2x Cisco CP8845 phones with video support for practicing VoIP setups and conference-style calls.

Workloads Running on This Infrastructure

Enterprise Network Segmentation and Security with OPNsense
Core network security project for my homelab. OPNsense acts as the primary NGFW, handling VLAN segmentation, firewall rules, routing, captive portal, and WAN access. The network is split into purpose-built VLANs, including management, homelab, DMZ, IoT, VoIP, and regular devices. Wireless access points are managed through Omada, while all security and traffic control is enforced at the firewall.

Read more

Windows Server 2025 Active Directory Lab
Enterprise-style Active Directory deployment running on VMware ESXi. Includes a Domain Controller, structured OUs, users, and security groups, as well as Group Policy, and Windows 10 and Windows 11 workstations joined to the domain. Built to simulate a real corporate AD environment.

Read more

Help Desk Ticket Automation (Python + Flask)
A mini help desk ticket system built to simulate IT support workflows. Users can submit tickets, track status, and close requests. Demonstrates automation, troubleshooting, and workflow thinking relevant to IT support and junior sysadmin roles.

Read more