Network Security Setup Advice Needed

My Sonoff light switches won't work with HA unless they're connected to the cloud. Unfortunately, there's no way to flash them or to get them to work LAN only. Going to eventually replace them with Tuya, which I've got working without any cloud connection.
I dislike the Tuya interface though; it feels clunky and glitchy compared to EWELINK.
 
So it might as well be harmless, but it's a preventative measure?

Yep, might be harmless. We have two young boys, with the older starting to learn how to operate an iPad, so I wanted to get a jump on securing our network, managing what they can access, etc. I still have a lot to learn though...

HA isn't as quick and easy as XDA and some other sites make it out to be (Simply spin up HA, add your devices, and Bob's your uncle) LMAO.

Compared to when I first played with HA in 2020 or 2021, it has become a lot easier, with most mainstream IoT devices being easy to integrate into HA if they have been set up in their native environments. Some need additional work like using MQTT, but a lot are fairly straightforward these days.
 
Yep, might be harmless. We have two young boys, with the older starting to learn how to operate an iPad, so I wanted to get a jump on securing our network, managing what they can access, etc. I still have a lot to learn though...



Compared to when I first played with HA in 2020 or 2021, it has become a lot easier, with most mainstream IoT devices being easy to integrate into HA if they have been set up in their native environments. Some need additional work like using MQTT, but a lot are fairly straightforward these days.
I got stuck just trying to get my Sonoff devices imported. That's where I left it. I might try again when I'm bored.
 
I got stuck just trying to get my Sonoff devices imported. That's where I left it. I might try again when I'm bored.

This is what I used, one of the first batch of IoT devices I integrated...

[Attached image: 1761838029870.png]

Then I have Tuya, Sonos, Ambient Weather, DAB Pumps, Unifi, etc., which are all straightforward. I had to use MQTT for Solar Assistant coupled with the Sunsynk Power Flow Card for our Sunsynk inverter.
 
This is what I used, one of the first batch of IoT devices I integrated...

[Attachment 1859697]

Then I have Tuya, Sonos, Ambient Weather, DAB Pumps, Unifi, etc., which are all straightforward. I had to use MQTT for Solar Assistant coupled with the Sunsynk Power Flow Card for our Sunsynk inverter.
I think this weekend I'll try again. If I don't get stuck with a bottle again somewhere. LMAO
 
Overall design looks solid. I would also look to utilise some sort of captive portal for the BnB - and think of using tokens as well that you create and set up out of the Unifi gateway.

My HA is running on the main trusted network while all my IoT devices are on an untrusted VLAN, then I have a firewall rule granting the HA device access to the IoT network.

I am not sure how Reyee handles the VLANs and tags but it SHOULD be standard - so setting them up on Unifi should propagate them through with little issue. I run a full Unifi stack so mine is seamless from that perspective. I HAVE tagged certain ports (CCTV) where necessary.

The zone-based firewall makes doing rules much easier than what it used to be - check this out


This was really helpful - thank you!

I have managed to set up the VLANs - I had to create the same VLAN IDs in the Reyee managed switches, and then set the ports as trunk ports for APs and other switches (allowing multiple VLAN ID tags), and access ports for devices (restricting which VLAN it is for). This works really well.
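
The setup described earlier in the thread (Home Assistant on the trusted network, IoT devices on an untrusted VLAN, one firewall rule letting the HA device reach them) can be modelled to see why that single rule is enough. This is an added example, not code from any poster or from Unifi; the subnets, the HA address, default-deny between zones and the simplified connection tracking are all assumptions.

```python
import ipaddress

# Constructed addressing (assumption): one subnet per VLAN/zone.
ZONES = {
    "trusted": ipaddress.ip_network("192.168.10.0/24"),
    "iot": ipaddress.ip_network("192.168.30.0/24"),
}
HA_HOST = ipaddress.ip_address("192.168.10.5")  # hypothetical HA address

# Ordered inter-zone rules, first match wins: (source, destination zone, action).
# Only the rule from the thread is listed; everything else between zones is dropped.
RULES = [(HA_HOST, "iot", "allow")]

def zone_of(ip):
    """Return the zone name whose subnet contains ip, or None."""
    for name, net in ZONES.items():
        if ip in net:
            return name
    return None

def matches(selector, ip):
    """A selector is either a zone name or a single host address."""
    if isinstance(selector, str):
        return zone_of(ip) == selector
    return ip == selector

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        # Real gateways track the full 5-tuple; an IP pair is enough for the model.
        self.established = set()

    def handle(self, src, dst):
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if (dst, src) in self.established:
            return "allow"   # reply to a connection the other side opened
        if zone_of(src) == zone_of(dst):
            return "allow"   # same VLAN: switched, never routed through the gateway
        for rule_src, rule_dst, action in self.rules:
            if matches(rule_src, src) and matches(rule_dst, dst):
                if action == "allow":
                    self.established.add((src, dst))
                return action
        return "drop"        # default deny between zones (assumption)
```

The same-VLAN branch is the part worth noticing: devices sharing the IoT VLAN can still reach each other, because the gateway's rules only see routed traffic.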
 