Guest network wi-fi goes down

[Seth Harman]

So, the question comes down to which is easier/safer. The device in question is a Hubitat home automation node that only supports wired Ethernet. I want to be able to access it (and other IoT devices) remotely through WireGuard, so can either have it on the IoT VLAN via port assignment and let WireGuard enable access to the IoT VLAN via iptables or move it back to main and use iptables to enable WireGuard to access only that IP address specifically. I was doing the first, but have moved to the second approach and will track to see if the drops disappear.

As @jksmurf mentioned in his response I've got two TL-SG108E managed switches to do the wired VLAN tagging at my AiMesh nodes because the nodes doesn't support this function. Coincidentally, what led me to this solution was the fact that I also have a Hubitat plus a Hue bridge that I wanted on my IoT VLAN.

 

[pchadw]

I thought about this a bit more and decided to try putting the Hubitat on a separate guest network and set up iptables to get access to that. I had noticed the last time the IoT Wi-Fi lost contact, other guest networks were not affected. Will continue to track it but for now it is working as I want.

 

[Seth Harman]

For what it's worth I'm running the same main router as you (currently on 3006.102.7 firmware) and have been running Guest Network Pro wireless VLANs since the first version of Merlin where it was available and I've never experience what's been described. Unlike you and the others that have reported similar experiences I've never used the router or the nodes to do any wired VLAN tagging and all of my main router ports are set to "All(Default)".

 

[visortgw]

For what it's worth I'm running the same main router as you (currently on 3006.102.7 firmware) and have been running Guest Network Pro wireless VLANs since the first version of Merlin where it was available and I've never experience what's been described. Unlike you and the others that have reported similar experience I've never used the router or the nodes to do any wired VLAN tagging and all of my main router ports are set to "All(Default)".

I, on the other hand, had better results using wired VLAN tagging on my primary router and AiMesh nodes rather than using the low-end TP-Link managed switches — I have added TP-Link unmanaged switches when I needed additional VLAN tagged ports: