I’m trying to decide whether to use VLANs or not. Security is important to me, but not so much when it starts to really impact usability.

Is using VLANs even worth it in a regular home network?

  • AnonymousPerson-9@alien.top
    cake
    B
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I run seperate vlans for my home. I put all of my untrusted devices hue hubs lighting, hue sync box, apple tv, printer, google home, smarthings outlets in an IOT vlan.

    Then i have a vlan with my trusted devices iphone, ipad, laptops, servers, nas etc on a protected network.

    All of this is protected by a pfsense firewall. I have netgear switches that are managed and support trunking.

    I use the pfsense firewall to connect to ISP on wan port and then configure a trunk port to my switch. My pfsense firewall has the vlan networks configured and hands out dhcp to the devices attached to the different vlans for wired and wifi ssids.

    I have pfsense firewall rules allowing trusted vlan to talk to iot vlan and internet. The iot vlan has no access to the trusted vlan , but can access the internet.

    I run avahi services mdns on the pfsense for allowing the trusted network to browse and connect to devices in the iot vlan… like my printer, hue lighting app, hue sync etc.

    I have a wifi ap device that support trunking as well and have two ssids one in iot vlan and one in trusted vlan. On the wifi ap I also had to configure mdns services and setup individual access to my printer, and setup individual access to the hue sync device both of these by putting in the specific ip of the devices.

    Everything works great after doing this.

    I highly suggest seperating your untrusted iot devices on a seperate vlan with no access to your trusted devices.