Creating a VLAN for IoT

Mista_Mobsta

Mista_Mobsta

Expert Member
Joined
Jan 22, 2015
Messages
4,256
Reaction score
5,384
Location
Centurion
Hi everyone! Been reading up a little about creating separate VLANs for all the IoT devices. I am somewhat clued up on the IT side of things and as such as I have been going down the IoT rabbit hole steadily for the past couple of months. A lot of content providers recommend creating a VLAN for the IoT devices especially if you are gravitating towards HA after flashing all the switches etc.

Can anyone give me a bit of a guide on creating a VLAN? I am running the Orbi RBK20 system from a B618 LTE main router and have a couple older Asus ADSL routers lying around gathering dust. I am hoping I can use those older routers to somehow create a nice separate network to tie those Shellys and Sonoffs in and maybe do some future proofing (better coverage) as more devices are added.
 
FWIW, there's no need to create VLANs if your devices are removed from the cloud. All my IoT devices (40+) are flashed with Tasmota so I didn't see the need of going the VLAN route. I did, however, create a separate SSID for the WiFi devices with it's SSID not being broadcast.

I'm installing a bunch of IP cameras at the moment, and these are physically on their own network (with cheap Scoop PoE switches) thus airgapped from the internet. Outside of these cameras not seeing the cloud, I also wanted physically separate hardware LAN for when lightning hits these, I don't want my expensive Unifi switches damaged in the process. For the video server I have two network cards; one connected to the IP camera network and one connected to the rest of the network. Anyway, just another possible alternative to using VLANs
 
gbyleveldt said:
FWIW, there's no need to create VLANs if your devices are removed from the cloud. All my IoT devices (40+) are flashed with Tasmota so I didn't see the need of going the VLAN route. I did, however, create a separate SSID for the WiFi devices with it's SSID not being broadcast.

I'm installing a bunch of IP cameras at the moment, and these are physically on their own network (with cheap Scoop PoE switches) thus airgapped from the internet. Outside of these cameras not seeing the cloud, I also wanted physically separate hardware LAN for when lightning hits these, I don't want my expensive Unifi switches damaged in the process. For the video server I have two network cards; one connected to the IP camera network and one connected to the rest of the network. Anyway, just another possible alternative to using VLANs
Click to expand...
The separate SSID may work well, thanks for that, considering I have the two spare older routers and the IoT only needs 2.4ghz channel. Want to try and limit the crowding of WiFi as much as possible so maybe I should also use dedicated channels for the separate WiFi networks.
 
gbyleveldt said:
FWIW, there's no need to create VLANs if your devices are removed from the cloud. All my IoT devices (40+) are flashed with Tasmota so I didn't see the need of going the VLAN route. I did, however, create a separate SSID for the WiFi devices with it's SSID not being broadcast.

I'm installing a bunch of IP cameras at the moment, and these are physically on their own network (with cheap Scoop PoE switches) thus airgapped from the internet. Outside of these cameras not seeing the cloud, I also wanted physically separate hardware LAN for when lightning hits these, I don't want my expensive Unifi switches damaged in the process. For the video server I have two network cards; one connected to the IP camera network and one connected to the rest of the network. Anyway, just another possible alternative to using VLANs
Click to expand...

More or less what I did https://mybroadband.co.za/forum/threads/home-network-security.1062554/#post-26006484

Sadly my Window/Door sensors, IP cam's & Google Home still need internet access so I gave them their own Rain LTE :D
 
Mista_Mobsta said:
The separate SSID may work well, thanks for that, considering I have the two spare older routers and the IoT only needs 2.4ghz channel. Want to try and limit the crowding of WiFi as much as possible so maybe I should also use dedicated channels for the separate WiFi networks.
Click to expand...

This is the best and cleanest way to do it.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X