Recommended WiFi 6 hotspot to put behind the Firewalla Gold?
Is there recommendations for WiFi 6 hotspots pair up with the Firewalla Gold?
-
No need for a second IP from your ISP. All traffic from both your internal networks can be routed out one external IP.
What I would suggest is start with the gear you have, get it working, and then build from there. If things work and you’re still receiving security updates for all your APs, why change?
I switched from Asus to UniFi for their VLAN support and so that I could break my network into 3 segments: IOT, Home, and Work. I completely segregated the Work network from the rest (disabled the mDNS, etc) because work machines have monitoring software on them. I did not want to buy multiple APs (a pile of 2x3=6 routers around the house was kiboshed) means one set of 2 AP for each of the three networks, did not want to hard wire that many APs, and wanted to use PoE to provide UPS power consistently to the entire network in the event of a power outage.
VLANs do add a level of complexity, both config and troubleshooting. You have to be comfortable with that.
Firewalla Gold is dead easy to config and still super powerful. It’s a solid choice. You might want to draw out your network (even by hand) before you start so have a plan.
Hope that helps. -
Mike999,
That helps more than you know, truly thank you for your time you are for real the best! I have begun drawing out my current network topology and how I think it should look.
I’ve decided I will keep my eeros for now and get the Firewalla gold to run in router mode for me and then consider using my old eero pro for IoT segmentation.
Within the Firewalla itself is it pretty easy to just setup a segmented network for IoT devices or would I need to setup a separate network with another router?
-
Mike999,
Not a separate firewalla - just a second router plugged into my FWG but I’m realizing it may have to be something other than eero for me to control it.
Here’s a link to my napkin drawing
https://i.imgur.com/bCFqOnY.png -
That looks like an accurate depiction of what we discussed. I’d add your subnet IPs to the diagram so you keep them straight. Like:
192.168.1.x/24 - Home
192.168.2.x/24 - IOT
24 meaning a mask of 255.255.255.0, nothing strange in terms of masking.
You can pick different number instead of .1.x or .2.x. Could be .10.x and .20.x for example. I correlated the VLAN number with the IP subnet. Helps keep things straight and easy. -
Yes , it's what I do.
You create a second DHCP on one of the unused WAN ports, put your guest WAP to it, then create a FW rule that says can not talk with other segments and only the internet.
This link you want to review.
-
I will reiterate the comment about Orbi. I'm dealing with it now, its a nightmare. $1500 and its Junk. Support will string you along until you are past the 30 day return window. That seems to be their only objective. When it works its really amazing speed and range but, even in AP mode, it just randomly crashes and you will spend hours trying to get the nodes to sync back up.
Please sign in to leave a comment.
Comments
42 comments