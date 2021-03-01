Simple vlan, hardware and setup recommendations

C

Cherry Dude

Weaksauce
Joined
Sep 1, 2016
Messages
116
Hi there

I am moving to a large house in the summer and will get a full gigabit connection (1000/1000). At the same time, I am giving my devices a good look over and adding some new, like Roborock robot vacuum cleaners. Unfortunately, I have given up rooting the vacuum cleaners, and I do not really trust them.

So, I am looking for a solution that will allow me to take full advantage of the internet connection, and separate IoT from my private network (both Wi-Fi and wired)

I am getting a bit crossed eyed and more and more confused; the more forum posts I read – perhaps I should just realize I am a network newbie.
I currently have an Asus RT-AC66U and a TP-Link TL-SG108E switch.

Now I do realize that what I need is to setup vlan, but what hardware to use is not easy.
Ubiquity, PFSense (e.g., SG-2100, Lawrence Systems has guides, even one using the same switch) or other? I would also need an AP that can be split in those cases. An Asus router with Merlin or DD-WRT might also be an option?
I am really looking for a set and somewhat forget solution, so I doubt I will get the most out of the products anyways – so a sanity check is always nice.

Does anyone have suggestions for possible setups, or some tips?
 
V

Vengance_01

Supreme [H]ardness
Joined
Dec 23, 2001
Messages
6,276
Unifi udm-pro, 16 port unifi poe switch, and some new wifi 6 aps with proper coverage. You could setup 2-3 vlans and isolated traffic. Internal prod, IoT, guest vlans
 
R

robijito123

n00b
Joined
Feb 2, 2021
Messages
31
Pfsense is fairly easy if you want to build your own hardware, basically just add interfaces and force traffic to tag with VLAN ID, then setup rules to allow flows inside your network. Or conversely have your AP with a tagged configuration and have rules to pass or block trafic to different segments of your network. I think untangle is another fairly easy option to have an easier take on the setup if you are wanting to build your own hardware.
 
