NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Redesign home LAN for IoT
I am looking to redesign my current network for my home to accommodate these new IoT devices and want to maintain a secure way in isolating that traffic from my private LAN. Some of the IoT devices w...
For the AP, I would recommend the WAC730. The WAC730 supports VLAN wherein you could assign a wireless network for the loT network as well as for the Private network that are broadcast at the same time. Also, the WAC730 supports PoE. Kindly check its data sheet here.
Here below is a network diagram that I recommend:
From the network diagram above, the ports connecting the Ubiquiti EdgeRouter Lite and the GS110TP on the 2nd floor will be configured as tagged ports so that it will become a trunk link. The same goes to the ports connecting the GS110TP on the 1st floor and the GS110TP at the 2nd floor. Tagging the ports is needed in order to identify which VLAN the packet belongs to.
The ports connecting the GS110TP on the 2nd floor to the RN104 and the WAC730 will be configured as tagged ports as well because both RN104 and WAC730 are VLAN-aware devices. However, the rest of the ports on the GS110TP (both on the 1st and 2nd floor) connected to the desktops and Arlo Base Stations will be set as untagged ports because the desktops and the Arlo Base Stations are not VLAN-aware devices.
Regards,
DaneA
NETGEAR Community Team
The GS108 is an unmanaged switch. I believe you are referring to the GS108E switch. Based from the network diagram you posted, you will need to configure 802.1Q VLAN. For example, configure VLAN10 for the private network then configure VLAN20 for the loT devices. Also, the devices on VLAN10 on the first floor will be able to communicate with the devices on VLAN 10 upstairs because they are on the same VLAN and the same goes for VLAN20.
I pointed out using 802.1Q VLAN because from the network diagram, there are access points within the Private and loT networks. I believe your access points supports VLAN so that it can be tagged to the corresponding VLAN it should belong. Also, I believe your NAS supports VLAN as well.
You might want to check on the GS110TP switch. I suggested this switch because the GS108E switch only supports static LAG. You might be interested to configure LACP (dynamic LAG) to your NAS. Also, the GS110TP supports PoE (Power over Ethernet). I believe your access points supports PoE so that they could get power through the PoE port of the switch instead of using individual power adapters.
For more information about the GS108Ev3 and GS110TP switches, kindly check their respective data sheets below:
Regards,
DaneA
NETGEAR Community Team
I have an existing R1900 router that I wanted to turn into an AP. Does that support PoE? Also usng that same R1900, configure 2 VLANS for separate WiFi network access if that is supported. I do not think I will need the GS110T as most devices I have do not support PoE but could consider that for future implementations possibly. So far, I think the best fit for me would be the GS108E-300NAS device. I tested the RN104 with LACP and did not see a boost in performance since only a couple of devices access it. I use it mainly for streaming my media library and music to a dedicated media server that are on the same switch. Since both can be confgured for VLAN support, I believe I can just configure the ports for VLAN (private) network and keep it separated from the IoT network?
I just want to follow-up on this.
If ever your concern has been addressed / resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
Regards,
DaneA
NETGEAR Community Team
If the r7000 does not support vlan, then what AP would? Or how can I set the switch port to possibly make the r7000 (when in AP mode) think it is connected to a standard port and connect with a static IP? Or would this need to be configured on the main router?
For the AP, I would recommend the WAC730. The WAC730 supports VLAN wherein you could assign a wireless network for the loT network as well as for the Private network that are broadcast at the same time. Also, the WAC730 supports PoE. Kindly check its data sheet here.
Here below is a network diagram that I recommend:
From the network diagram above, the ports connecting the Ubiquiti EdgeRouter Lite and the GS110TP on the 2nd floor will be configured as tagged ports so that it will become a trunk link. The same goes to the ports connecting the GS110TP on the 1st floor and the GS110TP at the 2nd floor. Tagging the ports is needed in order to identify which VLAN the packet belongs to.
The ports connecting the GS110TP on the 2nd floor to the RN104 and the WAC730 will be configured as tagged ports as well because both RN104 and WAC730 are VLAN-aware devices. However, the rest of the ports on the GS110TP (both on the 1st and 2nd floor) connected to the desktops and Arlo Base Stations will be set as untagged ports because the desktops and the Arlo Base Stations are not VLAN-aware devices.
Regards,
DaneA
NETGEAR Community Team
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
