A real-world walkthrough of getting Remote Desktop working on an Entra ID-joined Windows machine. Two compounding issues, a public network profile and a missing RDP SSL certificate, turned a five-minute task into a multi-hour troubleshooting session. Here is what happened and how to fix it.

A deep dive into how DNS works, why it matters for security, how to configure pfSense for encrypted DNS with Quad9, what encrypted DNS does and does not hide, and why a VPN is still the practical answer for private internet access.

A deep dive into how DNS works, why it matters for security, how to configure pfSense for encrypted DNS with Quad9, and how TLS metadata, ECH, and VPNs affect internet privacy.

Why Many Home Lab Builders Are Moving from UniFi Cameras to Reolink + Blue Iris

For years, UniFi Protect has been one of the most popular surveillance systems for home lab enthusiasts and small businesses.

It looks great.
The interface is polished.
And the integration with UniFi networking gear is seamless.

But over the past few years, a noticeable shift has started happening in the home lab and self-hosted communities.

About Me

Network engineer with a focus on Azure, Microsoft 365, identity, and modern infrastructure.

I build, break, and document systems so I can rebuild them better.

But this site is more than a bio, it’s a living record of my journey.

Because while my day job lives in the cloud, my real learning often starts at home, in the rack, behind the firewall, inside the lab.

Why This Site Exists

I created this site for a simple reason:

Let’s Connect

If you’ve made it this far, chances are we have something in common.

Maybe you’re building a home lab that started as “just a spare PC” and somehow turned into a rack.

Maybe you’re tuning pfSense rules at midnight trying to figure out why VLAN 30 won’t talk to VLAN 10.

Maybe you’re spinning up another Proxmox node because “this time I’ll document it properly.”

Or maybe you’re deep in Azure networking and Conditional Access policies at 11:47 PM wondering why one test account refuses to cooperate.

From Zero to Segmented: Installing pfSense CE the Right Way (With VLANs That Actually Teach You Networking)

Most home networks are flat.

One LAN. One WiFi. Everything trusts everything.

Your laptop can talk to your smart bulbs. Your TV can talk to your NAS. Your IoT camera can reach your workstation.

That’s not a lab. That’s a liability.

If you want a home lab that actually teaches real networking, segmentation, routing, firewall policy, and security boundaries, you need a real firewall.

Building the Foundation: Where a Real Home Lab Actually Begins

Key principle:

Terminate TLS at a single reverse proxy.
Expose one entry point.
Keep everything else internal.

That’s discipline.

The Real Reason to Do It This Way

This isn’t about running Plex on better hardware.

This is about understanding:

• How packets move
• How identity works
• How segmentation reduces risk
• How public DNS interacts with private services
• How virtualization abstracts hardware

You can buy ecosystems.