I have a 1Gbps symmetrical fibre connection and a TP-Link Deco X75 Pro mesh system covering my house. On paper, that should be more than enough. In practice, it’s been quietly frustrating me for months.

The coverage is inconsistent: spotty upstairs, unreliable in the garage, and barely reaching outside where I need it for the doorbell and the grill area. WireGuard VPN isn’t supported at all, which rules out a proper remote access setup. And the moment you want to do anything beyond basic home networking (VLANs, custom DNS, traffic monitoring, segmented IoT devices) you hit a wall. The interface is designed for people who don’t want to think about networking. I’ve reached the point where I want to think about networking.

So when a friend offered to give me enterprise gear he was decommissioning, I said yes immediately.

What I’m Getting

  • Dell PowerEdge R330, a 1U rack server that will become the backbone of my homelab
  • 4x Cisco Aironet 1702i, WiFi 5 (802.11ac Wave 1), dual-band, 3x3 MIMO access points with 802.3af PoE
  • PoE switch to power the APs without separate power adapters

None of this is bleeding edge. The 1702i is a Wave 1 access point, which means it tops out at WiFi 5 speeds. But enterprise-grade Wave 1 hardware running proper software will outperform consumer mesh systems in ways that matter: reliability, control, visibility, and the ability to actually configure things.

A word on the R330: it is objectively overkill for a home router. A mini PC with an N100 or Celeron processor would draw a fraction of the power and handle OPNsense without breaking a sweat. But the R330 is free, and free changes the calculus entirely. The power draw is a known tradeoff I’m accepting eyes open.

What I’m Planning to Build

This is phase one of a larger homelab project. Here’s what I intend to stand up:

OPNsense Router Replace the Deco’s routing function entirely. OPNsense is an open-source firewall and router platform with full VLAN support, granular firewall rules, DNS control, traffic shaping, WireGuard VPN, and a proper dashboard. This is the core of everything else.

Network Segmentation with VLANs One of the biggest limitations of consumer mesh systems is flat networking. Every device on your network can talk to every other device. With VLANs I can segment:

  • Trusted devices (laptops, phones)
  • IoT devices (smart home gear, cameras)
  • Guest network
  • Homelab infrastructure

Each segment isolated from the others with firewall rules controlling what can talk to what.

Proxmox Hypervisor The R330 will run Proxmox, an open-source virtualisation platform. This lets me run multiple virtual machines and containers on a single physical server. One box, many purposes.

Cisco Aironet APs with Fast Roaming The 1702i APs support centralized management and 802.11r fast BSS transition, meaning devices roam seamlessly between access points without dropping connections. For a house with multiple APs covering indoors, the garage, and outdoor areas, this matters. Rather than configuring each AP individually, all four will be managed from a single interface with consistent SSIDs, per-VLAN wireless networks, and proper roaming handoffs.

Monitoring Stack Once the infrastructure is up, I want full visibility into what’s happening on my network. That means a monitoring stack (likely Grafana with a time-series database) showing bandwidth usage, device activity, and system health in real time.

Automation with n8n n8n is an open-source workflow automation tool I intend to run on my own infrastructure. The use cases I’m exploring sit at the intersection of operational workflows and modern infrastructure. More on that in future posts.

Why This Matters Beyond the Homelab

Honestly, part of this is just curiosity. I want to understand how things work at a level deeper than what a consumer product exposes. But there’s a practical dimension too.

The systems that run healthcare operations (procurement platforms, vendor integrations, inventory management) are increasingly cloud-hosted, API-driven, and automation-dependent. Knowing how to configure a VLAN or spin up a VM won’t hurt when those conversations come up. Building something real teaches differently than reading about it.

What’s Next

The hardware arrives soon. The next post will cover the physical setup: getting the R330 running, configuring OPNsense from scratch, and getting the first VLAN live.

If you’re on a similar journey, technically curious but coming from a non-IT background, follow along. I’ll document everything including the mistakes.