What's new

How to setup an isolated VLAN on Merlin?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

My solution to the whole thing is I moved to use a MikroTik RB750Gr3 with Netgear WAC510 instead. The whole experience is much better over there compared to do all the ASUS/Merlin scripting.

Thanks for the info.
Actually I've already ordered a Mikrotik hex poe 960pgs to replace RT-AC68U. 960PGS is a little bit weaker than asus 68U on the routing and NAT but I need its POE to feed couple cameras. It is much easier to configure VLAN on RouterOS to work with Cisco Aironet AP.
 
You can set up static routing through your router using the DHCP Server or go around and manually configure each device with static addresses and disable the DHCP. Set up your VLAN and then assign those static IPs to where you want them
If you are using ONLY the guest networks for your wireless LAN setup in the router then this would work, however if you are using the non-guest networks in the router then setting up a VLAN on a switch, the VLAN trunk will lead back to the router and expose the VLAN to the non-guest wireless network. It would be better to use a layer 3 switch.
 
Another simple alternative is to use a Cisco RV340 router. Setup an additional VLAN 2 on the router. Use a trunk port from the RV340 to the Cisco AP or switch.
 
If you are using ONLY the guest networks for your wireless LAN setup in the router then this would work, however if you are using the non-guest networks in the router then setting up a VLAN on a switch, the VLAN trunk will lead back to the router and expose the VLAN to the non-guest wireless network. It would be better to use a layer 3 switch.
Would a managed Layer 2 Switch work to set up an isolated VLAN also for an access point?
 
Would a managed Layer 2 Switch work to set up an isolated VLAN also for an access point?
For an access point would be the correct way to do it. In other words, disable the wireless radios in the Asus Router and use an Access Point connected to one of the L2 switch ports. This way you can create a VLAN for the AP keeping it on it's own isolated VLAN, or add the AP to an existing VLAN. This will ensure that all nodes and their traffic on the AP are isolated to a VLAN away from any other VLAN that you wish to create. And don't use the Asus Router's ethernet ports for anything other than the L2 switch.
 
For an access point would be the correct way to do it. In other words, disable the wireless radios in the Asus Router and use an Access Point connected to one of the L2 switch ports. This way you can create a VLAN for the AP keeping it on it's own isolated VLAN, or add the AP to an existing VLAN. This will ensure that all nodes and their traffic on the AP are isolated to a VLAN away from any other VLAN that you wish to create. And don't use the Asus Router's ethernet ports for anything other than the L2 switch.

Why not use the other Asus' ethernet ports for other connections that I need the router for but not the switch for?
Esp. if I had created an isolated VLAN apart from them on the L2 switch?
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top