IoT segmentation with Purple
I have successfully changed my setup by adding a Firewalla Purple (router mode) between my modem and wifi mesh Linksys MX4000 Series APs (now in Bridge Mode) per the setup documentation. All my devices are still connecting to wifi using the old SSIDs and passwords. Main devices are on the main network. IoT lightbulbs and wifi cameras are connected to the guest network over wifi.
What I would like to set up is a simple segmented network where all my IoT lightbulbs and "smart" things can access each other and the internet, but are not able to talk to my computers or other important main network devices (NAS). And guests would still connect to guest wifi and not have access to main devices/computers or NAS.
However, it seems that to do this correctly with a Purple, you need a managed switch or an AP router that allows VLAN configuration, which mine in bridge mode does not seem to allow (to my knowledge). So, what can I do?
Is it possible to group together devices that connect to the guest network, then set a rule that does not allow them to see devices on the main network? Buying a new router is not feasible and I don't think a wired managed switch would solve wifi connected device segmentation. I'm sure reading these questions, you can see how confused I am at how to best segment my network with the equipment I have. But this seems like a normal use case for an average Joe like myself.
Any help would be greatly appreciated!
-
If you want network layer segmentation (control devices, so they can't talk to each other), you need VLAN support, either a switch or AP that understands VLANs.
If the devices being segmented are all WiFi, you can buy an AP with VLAN support (I recommend this one).
If you have an extra WiFi unit, you can buy a switch and use the WiFi units as access points; that will create x VLANs for you (x is the number of WiFi units you have).