Jump to content
Sign in to follow this  
Azvix

XR1000 VLAN help

Recommended Posts

So every time I turn on the VLAN setting and try to set it all up I never seem to have internet no matter what I change. Am I doing something wrong, has anyone else managed to successfully set up the VLANs with this router?

Share this post


Link to post
Share on other sites

I don’t need VLAN for anything, I just came across a security post of how to secure your network from NetDuma saying that putting the IoT devices on a separate VLAN is the best and most secure way to set up my own network. So I was thinking of giving that a try, with no success sadly.

Share this post


Link to post
Share on other sites
7 hours ago, Azvix said:

I don’t need VLAN for anything, I just came across a security post of how to secure your network from NetDuma saying that putting the IoT devices on a separate VLAN is the best and most secure way to set up my own network. So I was thinking of giving that a try, with no success sadly.

I’m not sure it’s possible on the XR1000 apart from Guest network.

I know what you mean but I don’t think it’s possible to have multiple virtual VLAN’s for your needs ie. you create a network with a VLAN tag of 300 for example and name it IoT apart from the guest option.
The guest network which should be isolated but you can’t create firewall rules for it either for complex situations using the tag ie. 300 and you would need to test it to insure it is really isolated. I don’t know what options are available under guests on the XR but say you have a printer on your main network and guests are able to share that printer it’s not isolated for example or you join the guest network with your pc and you can ping device addresses on your main network is another way to test.

The idea is your main network is isolated from IoT so if say they are compromised they cant see any devices on your main network.  
 

I’m not sure it’s possible either to know if they are compromised as the XR does not allow honeypot or has IPS/IDS but it does have Armor but again I don’t know it’s workings. That would be a question for NG. 




 

Share this post


Link to post
Share on other sites

I don't think the VLANs on the XR1000 are meant to separate LAN devices. I think it's for the use of an IPTV behind a router. If you go to the website that Fraser suggested, the XR1000 isn't listed in the "This article applies to" drop down menu because those aren't IPTV VLANs. For more info, go to the "VLAN/Bridge settings" and click the "?" at the top right for more info. As Newfie said, if you want to secure your IoT devices, use the guest network and disable "Allow guests to see each other and access my local network" which is essentially like the VLAN you're talking about. I recommend using the 2.4 GHz guest network for your IoT devices and the 5 GHz guest network for your real guests since most IoT devices only support 2.4 GHz and are probably going to be farther away from your router anyway so you'll need that extra range. Remember that if you have a smart vacuum that connects to WiFi which allows you to use your phone as a remote to control it using your local network, you might not be able to put it on the guest network depending on if it uses LAN, WAN, or both as you'll have to do some testing. If it has WiFi direct, that's an alternative as well, or you can create your own WiFi direct from your phone. It's up to you.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...