subnets or vlans - is this possible?

Started by JoshNelson, November 05, 2017, 11:36:42 PM


JoshNelson

I posted this in routing & switching as well - it seems appropriate for either forum. 

I have a number of devices on my network and would like to isolate them by type... and I'm not quite sure how to go about it or if it's even possible. Most of the devices connect via wireless (netgear orbi RBR50 - router and 1 satellite), though a couple connect via wired connection (on a port on the main orbi router).

So - I have a few groups of various types of equipment connecting to my network. They are:

1. office equipment (work pcs, printer, etc)
2. entertainment (ps4, firetv, etc)
3. IoT devices (canary security cameras, random raspberry pi homebrew projects)
4. Guest devices (phones, tablets, etc)

All of these groups need internet access but none of them really need to access devices in the other groups. What I was trying (and failing) to do is create vlans for each group, and have separate dhcp scopes/subnets for each group (office being 192.168.1.xxx, entertainment being 192.168.2.xxx, etc).

I have the following equipment available to me:

1. netgear orbi rbr50 (router and 1 satellite) latest firmware 2.0.0.74 (btw - when is this going to be patched to address the wpa2 issues?)
2. a couple netgear N600 WNDR3700 routers (though I would not want to use the wireless radios on these and would want everything to use the orbi). One of these I have installed open-wrt on, the other is running the regular netgear firmware.
3. TP-Link TL-5G108E managed switch

So - my question is: can I accomplish separate subnets and network isolation (vlans?) for each of these groups using the equipment that I have, taking into consideration that 98% of them will connect wirelessly via the netgear orbi?

deanwebb

This is actually a home/small office networking issue, but I'll leave it here because there are differences in how wired and wireless VLANs work.

With most SOHO gear, the IP range you get with it is the IP range you're stuck with. That's because you can't get into it and create multiple SSIDs with their own IP ranges as needed. You can have multiple SSIDs, but they may very well all share the same address space.

You would need a commercial grade wireless controller to set up SSIDs with unique address spaces, and those run into the hundreds of dollars, once you've bought the WLC and its access points. Then you have to wire up those access points for sharing the signal through the house, because the WLC's range doesn't reach everywhere...

You'll have better luck with the VLANs with a proper switch in place on the wired network.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.
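For the wired side discussed in this thread, the "internet yes, other groups no" policy can be written as firewall zones on the OpenWrt-flashed WNDR3700; this is an added example, not configuration from either poster. Assumptions: VLAN IDs 20 and 30, the swconfig-era `eth0.N` device names, 192.168.3.x for the IoT group, and a stock `wan` zone with the default forward policy left at REJECT.

```uci
# /etc/config/network (excerpt). VLAN IDs and eth0.N device names are assumptions.
config interface 'entertainment'
	option ifname 'eth0.20'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'

config interface 'iot'
	option ifname 'eth0.30'
	option proto 'static'
	option ipaddr '192.168.3.1'
	option netmask '255.255.255.0'

# /etc/config/firewall (excerpt). One zone per device group.
config zone
	option name 'entertainment'
	list network 'entertainment'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'iot'
	list network 'iot'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

# Each group may reach the internet. No forwarding section joins two
# groups, so traffic between them falls to the default REJECT.
config forwarding
	option src 'entertainment'
	option dest 'wan'

config forwarding
	option src 'iot'
	option dest 'wan'

# input is REJECT, so clients need DNS and DHCP (both over UDP here)
# opened toward the router itself. Repeat this rule for 'entertainment'.
config rule
	option name 'iot-dns-dhcp'
	option src 'iot'
	option proto 'udp'
	option dest_port '53 67'
	option target 'ACCEPT'
```

Each interface also needs its own DHCP pool in `/etc/config/dhcp`, and the switch ports must carry the matching VLAN tags; devices that join through the Orbi's single wireless network are not separated by any of this.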