SysAdmin · Network Engineer · 7+ yrs (healthcare · education · MSP)
Networking · Security · Microsoft Endpoint Management
- 🏠 Running a privacy-first pfSense homelab · 6 VLANs · dual Mullvad WireGuard failover · verified zero leaks
- 🏢 Building an SCCM + WSUS Hyper-V lab for a fictional 120-user SMB (Meridian Freight Co.)
- 🧪 Prepping CCNA 200-301 on real Cisco Catalyst 3560 + 1941 ISR · target Aug 2026
- 🛡 Tuning Suricata IDS · auditing firewall rules · kill-switch design
- 🐳 Self-hosting on a Mac Mini M4 (Docker, 24/7)
- 📝 Documenting every config in markdown for the next person
🌐 Networking 
🪟 Microsoft 
💻 Web + Cloud 
🤖 Automation 
- 🔥 Firewall: pfSense 2.8.1 on Protectli FW6E (i7, 16 GB)
- 🧱 Segmentation: 6 VLANs · 802.1Q trunk · default-deny inter-VLAN
- 🌐 VPN: dual Mullvad WireGuard (Sweden + Frankfurt) auto-failover
- ☠️ Kill switch: 7 independent layers · zero WAN egress NAT
- 🟢 Verified zero leaks: IP / DNS / WebRTC (ipleak + Mullvad Check)
- 🚨 IDS / DNS: Suricata across WAN + 3 VLANs · pfBlockerNG-devel
- 🛰 Remote: Tailscale subnet routing · 🐳 Mac Mini M4 Docker host
- 🖥 Platform: Hyper-V on Windows 11 Pro
- 🪟 Stack: Windows Server 2022 · SQL Server 2022 · AD DS + DNS
- 📦 Endpoint: SCCM (current branch) + WSUS as the Software Update Point
- 🏭 Scenario: 120-user SMB across two sites (Tacoma HQ + Kent warehouse)
- ⚙️ Automation: PowerShell, idempotent and parameterized
- 📚 Built to teach: rebuildable end-to-end, phase-by-phase docs
🧪 CCNA Home Lab in progress
- 🖥 Gear: Cisco Catalyst 3560 PoE-8 (WS-C3560-8PC) + Cisco 1941 ISR
- 🎯 Target: CCNA 200-301, Aug 2026
- 📚 Coverage: VLANs, trunking, inter-VLAN routing, NAT, ACLs, SSH, switch hardening
- 🧰 Tools: Packet Tracer, GNS3, real Cisco IOS
- ✅ CompTIA Security+ · May 2026
- 🎯 CCNA 200-301 · target Aug 2026
- 🛠 7+ years in production (Tier 1-3 MSP · 120+ SMB clients · 99.9% uptime)
built in the garage · documented for the next person