
randomousity
Luminary
Apr 14, 2018
Status: New Idea

Feature request: provide true network segmentation for guest wifi

It would be great if you could improve the guest wifi capabilities, at least giving the option of complete network segmentation for guest networks on your routers. Visitors, and untrusted devices (e.g., IoT devices) should be able to connect to a separate SSID, on a (separate) VLAN (or other logical segmentation), so that guest devices can't discover, communicate with, or sniff traffic from, devices on the trusted SSID, except as explicitly permitted through user-created rules. Ideally, VLAN management should also extend to the ethernet ports on the router and satellites, so that wired devices can also be segmented out to the untrusted VLAN (e.g., wired IoT devices).

4 Comments

  • Just proposed the same feature (pls search and kudos)! VLAN support in AP mode for main / guest networks is a must in 2019!!! It is easy to add from Netgear's point of view and opens endless possibilities for (office / home / enterprise) users having proper routers with support for multi vlans / subnets / dhcps / firewall.

  • schumaku
    Guru - Experienced User

    Can't agree more.

    The same features and proper segregation are missing on the Nighthawk, the Nighthawk Pro Gaming, and the latest Nighthawk AX Series, on Orbi and mostly on Orbi Pro. The need for proper VLAN with dedicated SSIDs is a fact today. For advanced consumers, the current guest network "isolation" (badly leaking on the MAC level) solution is not sufficient.

    Unfortunately, Netgear denied that these features, expected by advanced home users, are required. Let's try to change this.


  • randomousity wrote:

    It would be great if you could improve the guest wifi capabilities, at least giving the option of complete network segmentation for guest networks on your routers. Visitors, and untrusted devices (e.g., IoT devices) should be able to connect to a separate SSID, on a (separate) VLAN (or other logical segmentation), so that guest devices can't discover, communicate with, or sniff traffic from, devices on the trusted SSID, except as explicitly permitted through user-created rules. Ideally, VLAN management should also extend to the ethernet ports on the router and satellites, so that wired devices can also be segmented out to the untrusted VLAN (e.g., wired IoT devices).


    I agree completely!! With more and more IoT devices on the scene, separate SSID, segmentation of both wired and wireless would, to my mind, be essential security. It would also be good to virtualize the MAC address for each of the segmented LANs. That would put another layer of security and control over all the stuff that wants to get online these days.

    randomousity wrote the original post about a year ago and Netgear is still stuck in the mud.

    bc

    PS: does anybody know of any under $500 wireless routers that provide for these features?