Configuring VLANs with UniFi for IoT devices
Mon, Apr 13, 2020

Not all devices on my network are created equal. I place differing levels of trust in things depending on the security maturity and resources of the organisations behind them. Yet if I place them all on my network then by default they’re all peers. I don’t really want to treat IoT lightbulbs as equally deserving of trust as my primary computers and mobile devices. But I also want to be able to communicate with them for control purposes and I don’t want to set up alternate networking hardware just to support these less trustworthy devices.

It’s at this point my rather excessive amount of Ubiquiti UniFi hardware becomes useful. I already have a guest WiFi network that I can grant access to that does not have any access to anything else on my network. This is an out of the box feature of UniFi and straightforward to set up but it won’t give me the kind of one way access to devices I’m looking for.

We can accomplish that by utilising the VLAN capability of UniFi gear plus some appropriate firewall rules.

The first thing to do is work out how you want to divide your devices. The more divisions you have the more complicated your firewall rules will get. I initially tried having complicated VLANs and it was extremely painful for relatively little value. As such for your personal devices I would suggest starting with two networks:

- LAN: The default network for trusted devices.
- IoT: Everything you want to connect that you don’t really trust.
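The one-way access between the two networks suggested above (LAN may open connections to IoT and receive the replies, IoT may not open connections to LAN) depends on a stateful, first-match rule set. The sketch below is an added example, not code from the original post or from UniFi; the subnets, rule names, the accept-by-default routing between VLANs and the Python model itself are assumptions made for illustration.

```python
import ipaddress

# Constructed subnets for the two networks named in the post (assumed values).
NETWORKS = {
    "LAN": ipaddress.ip_network("192.168.1.0/24"),
    "IoT": ipaddress.ip_network("192.168.20.0/24"),
}

# (name, action, predicate). First match wins, so order matters.
RULES = [
    ("allow-established", "accept", lambda s, d, state: state == "established"),
    ("drop-iot-to-lan", "drop", lambda s, d, state: (s, d) == ("IoT", "LAN")),
]


def zone_of(ip):
    """Return the name of the network an address belongs to, or None."""
    addr = ipaddress.ip_address(ip)
    return next((n for n, net in NETWORKS.items() if addr in net), None)


class Firewall:
    """Toy inter-VLAN firewall with connection tracking."""

    def __init__(self, rules=RULES, default="accept"):
        # default="accept" models a router that forwards between VLANs
        # unless a rule says otherwise (an assumption of this sketch).
        self.rules, self.default = rules, default
        self.flows = set()  # tracked flows: (src_ip, sport, dst_ip, dport)

    def handle(self, src, dst):
        """src and dst are (ip, port) tuples; returns (action, rule_name)."""
        known = (*src, *dst) in self.flows or (*dst, *src) in self.flows
        state = "established" if known else "new"
        action, name = self.default, "default"
        for rule_name, rule_action, match in self.rules:
            if match(zone_of(src[0]), zone_of(dst[0]), state):
                action, name = rule_action, rule_name
                break
        if action == "accept" and state == "new":
            self.flows.add((*src, *dst))  # remember so replies are allowed
        return action, name
```

Reversing `RULES` so the drop rule comes first blocks the IoT device's replies as well, which is the usual symptom of a misordered rule set: the LAN can no longer control the device even though its outbound packets are accepted.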