Separate network for IoT devices

Hi,
I have about 20 devices of smart switches (Tuya)
I think I need to isolate those devices from my internet bandwidth...
Can I assign devices to a VLAN?

Or do I have to make another Wifi for them?
If I'm making another wifi, it will be on the same channel as my Main Wifi... is that not a problem?

VLANs, technically speaking, are for ethernet connectivity. If you're using wireless only for this application (and the wifi is provided by the same all-in-one wifi router device), you don't actually need VLANs. What you'll be doing is creating a second subnet, and then tying that subnet to wifi. (VLANs and subnets are often used interchangeably in general discussions -- so conceptually yes, you'll be using them; but as a technical matter, VLANs will operate using multiple subnets, but VLANs are not required to run multiple subnets).

You can treat this just like a standard guest wifi network. If you need to connect via ethernet (or if you have multiple APs that need to broadcast the same guest/IoT SSID), it's pretty easy to add that functionality to an existing guest wifi network configuration.

Yes, it will be on the same channel, but using a different SSID.


Thanks for that.
Same ssid, but same channel will be interference, no?

No, because it is the same radio handling both SSIDs. It's like if you have 2 distinct conversations (let's say with a young kid and an adult)... you take turns talking to and listening to each person (ignore the cognitive issue of being able to keep two conversations going in a human brain... lol... the APs can easily handle that bit).

OK, thanks.
I also have a DVR connected to my LAN port...
Is it better to use VLAN for wireless + wired?

That's up to you...

  • What networks do you need (usually a trusted LAN, possibly a guest network, an IoT network, etc.)?
  • What devices belong on each network?
  • How do those devices make their connections (wifi or ethernet)?
  • Do you have additional APs (i.e. one or more APs that are not physically in the same device as the router we're working with)? If so, do they need to broadcast all the same SSIDs?

The answers to these questions will guide you in terms of what you need to set up.

Ok,
I have Main router + Dumb AP (Ethernet Backhaul).
DVR is connected to LAN on my Main Router.
IoT devices are connected wirelessly to both Main Router and Dumb AP.

Ok... so yes, you'll want VLANs to connect the main router and the dumb AP.

Here's a slightly different analogy: a chess master playing two (or more) games simultaneously.

Yes, this is a great analogy!

Question:
If my DVR is on LAN2 in my Main router, should the VLAN be on LAN2?
And what about the Dumb AP?
How do I do the same thing on the Dumb AP?

Or should the VLAN be on the LAN of the backhaul? (Ethernet Backhaul LAN1 to Dumb AP)

What network do you want the DVR to be on? The trusted LAN, or the IoT network?

Yes, the port that physically connects the main router to the dumb AP must be set up with VLANs. You'll also have to adjust the settings on the dumb AP to add the new VLAN and SSID.

I want the DVR to be on the IoT network (Not Trusted).

So then yes, that physical port should be configured on the same VLAN as the IoT network.

You mean make the VLAN on LAN1 (Backhaul between AP)
and then tag LAN2 (DVR)?

The VLAN will include LAN1 and LAN2 as members... the DVR will almost certainly require it untagged. The backhaul connection for the AP will be tagged.

Please tell me what should be tagged and what untagged?
vlan id 30 = iot (up to 30 devices?)
vlan id 99 = trusted lan

Which device is this? The main router or the dumb AP?

Better for me to review the text config:

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

On the main router

So in that case...
VLANs 30 and 99 tagged on lan1
VLAN 30 untagged on lan2.

However...
I think you're doing this incorrectly. I don't think you should be using vlan-filtering.

Please post the configs I asked for and I'll take a look.