Menu
What's new
By:
Filters Better Search

[SOLVED] General VLAN question

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

dieter

Senior Member
Hello,

Connected to my ASUS RT-AC1900P, are several hardwired (including a Media Server) and wireless computers, a ROKU, and 2- Chromecasts devices, and wireless "guests" computers/cell phones.

My question: Is a VLAN feasible considering a mediaserver on the LAN will stream to the ChromeCast devices? In addition, "guests" will want access the internet AND stream to the ChromeCasts. Or should the Chromecasts remain on the main LAN subnet?

In the future there will be some IoT devices, which I understand should be on a different subnet.

How complicated will it be for me (as you can tell, a VLAN novice) to set this up?

Is there detailed HELP available on how to set up a VLAN?

Thanks.
 
Last edited:
Found the SNB help on VLANs. Should be very helpful.

Vlan setup seems very complicated. Not for me...
 
Last edited:
dieter said:
Found the SNB help on VLANs. Should be very helpful.

Vlan setup seems very complicated. Not for me...
Click to expand...
VLANS are straightforward. Just think of them as shelves. Each VLAN is a shelf, each box on a shelf is a dhcp range assigned to the vlan, and items in the box are devices assigned to the ip range and thus the vlan. Each shelf has a number (VLAN ID). you assign, in the router, the vlan to a DHCP range.

So if you have devices - a NAS or a PC that you do not want guests (or anyone else) to have access to, put it in a vlan. Put anyone else under a Guest VLAN and allow access to the specific devices you mentioned by placing them in that vlan's ip range. Put IOTs on their own vlan separate from all. You may want to physically separate them as well using a second router or managed switch to segregate traffic and loading ( keeping that load off of the streaming side for example).
 
Thanks for your comments. I get the general concepts, and am reading more on the subject: VLAN How to: Segmenting a small LAN.

What I'm confused about is: how does a VLAN prevent IoT device to get hacked and prevent DDNS attacks, for example?

Will having my servers on a separate subnet prevent hacking from the internet, or just make it harder?
 
dieter said:
What I'm confused about is: how does a VLAN prevent IoT device to get hacked and prevent DDNS attacks, for example?

Will having my servers on a separate subnet prevent hacking from the internet, or just make it harder?
Click to expand...

The main thing - watch the WAN side - no matter what's hanging out on the LAN - keep ports close, expose only trusted services, and even there - sandbox that.

VLAN's just complicate things there - just saying...
 
I'm beginning to realize the RT-AC1900P does NOT have VLAN capabilities with the Asus firmware. Does the AsusWRT-Merlin firmware support VLANs on the 4 router ports? Or do I have to purchase a managed switch?
 
Last edited:
You must log in or register to reply here.

Similar threads

ddaenen1
Do i need an IoT VLAN
2
Replies
25
Views
1K
coxhaus
C
HELLO_wORLD
Tutorial Adding custom SSID and specific VLAN (for IOT for example)
Replies
14
Views
841
alexnev
A
G
RT-AC86U VLAN-like modifications to guest network
Replies
19
Views
2K
pjd50
P
D
VLAN Config Query using pfSense and Unifi
Replies
18
Views
1K
awediohead
A
B
Understanding VLAN Assignments with Guest Network Pro: Managing VLANs Across Multiple SSIDs on ASUS RT-AX88U Pro
Replies
1
Views
2K
Hypothosis
H

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,012 (members: 25, guests: 987)
Top