Hi UBNT Community,
I am trying to upgrade my home network with UBNT gear since I am in the middle of a home automation project with lots of IOT devices. Here is my plan and current EdgeMax SFP router config. I was hoping someone can recommend a FW rule that would protect my LAN from the IOT network.
Here is what I have so far.
- EdgeMax Router with SFP.
- 2 UniFi 8 Port Switches
- 1 AP Pro.
Here is what I would like to accomplish, and I would like some help on the items below.
- Have Data VLAN 21 (Complete)
- Have IOT VLAN 11 (Complete)
- Have Guest VLAN 41 (Complete)
- Have 3 WLANs one on each VLAN (Complete)
- Protect DATA VLAN 21 from IOT VLAN 11, where devices on VLAN 11 cannot communicate with DATA VLAN 21, except the Smart Hubs on VLAN 21 (Echo and Samsung Smart HUB and Printer)
- OR should I have Echo, Samsung HUB and Printer on IOT VLAN, and have DATA VLAN communicate only with those objects on VLAN 11?
- Protect VLAN 21 and 11 from devices on Guest VLAN 41, where devices on VLAN 41 can only print to a network printer.
- Create DHCP for all VLANs (Complete)
My goal is to have all the light switches communicate from VLAN 11 to my Samsung hub or Echo, which in turn would communicate with my smart phone on VLAN 21. I am not sure if I should have Echo and Samsung on IOT VLAN or data VLAN.
I have some of the items completed, but need some help with FW rules since I am not an expert on FW rules. Please see the attached router config for reference on what I have accomplished so far.
Thanks in advance for all your help.
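
The following is an added example, not part of the original post or its attached config: one way to express the first option above (hubs and printer staying on VLAN 21) as EdgeOS firewall rulesets. The subnets, device addresses, the `eth1` parent interface, the group and ruleset names, and the printing ports are all assumptions, since the post does not give them.

```edgeos
configure
# Assumed (constructed) addressing; the post gives none:
#   VLAN 11 IoT 192.168.11.0/24, VLAN 21 Data 192.168.21.0/24, VLAN 41 Guest 192.168.41.0/24
#   Echo .21.10, Samsung hub .21.11, printer .21.20; VLANs are vifs on eth1
set firewall group network-group DATA_NET network 192.168.21.0/24
set firewall group network-group IOT_NET network 192.168.11.0/24
set firewall group address-group HUBS_PRINTER address 192.168.21.10
set firewall group address-group HUBS_PRINTER address 192.168.21.11
set firewall group address-group HUBS_PRINTER address 192.168.21.20
set firewall group address-group PRINTER address 192.168.21.20

# Traffic entering the router from IoT VLAN 11 (first matching rule wins)
set firewall name IOT_IN default-action accept
set firewall name IOT_IN rule 10 description "Replies to sessions opened from other VLANs"
set firewall name IOT_IN rule 10 action accept
set firewall name IOT_IN rule 10 state established enable
set firewall name IOT_IN rule 10 state related enable
set firewall name IOT_IN rule 20 description "IoT to Echo, Samsung hub, printer"
set firewall name IOT_IN rule 20 action accept
set firewall name IOT_IN rule 20 destination group address-group HUBS_PRINTER
set firewall name IOT_IN rule 30 description "Drop everything else to Data VLAN"
set firewall name IOT_IN rule 30 action drop
set firewall name IOT_IN rule 30 destination group network-group DATA_NET

# Traffic entering the router from Guest VLAN 41
set firewall name GUEST_IN default-action accept
set firewall name GUEST_IN rule 10 description "Replies to established sessions"
set firewall name GUEST_IN rule 10 action accept
set firewall name GUEST_IN rule 10 state established enable
set firewall name GUEST_IN rule 10 state related enable
set firewall name GUEST_IN rule 20 description "Guest printing only (ports assumed)"
set firewall name GUEST_IN rule 20 action accept
set firewall name GUEST_IN rule 20 protocol tcp
set firewall name GUEST_IN rule 20 destination group address-group PRINTER
set firewall name GUEST_IN rule 20 destination port 515,631,9100
set firewall name GUEST_IN rule 30 description "Drop guest to Data VLAN"
set firewall name GUEST_IN rule 30 action drop
set firewall name GUEST_IN rule 30 destination group network-group DATA_NET
set firewall name GUEST_IN rule 40 description "Drop guest to IoT VLAN"
set firewall name GUEST_IN rule 40 action drop
set firewall name GUEST_IN rule 40 destination group network-group IOT_NET

set interfaces ethernet eth1 vif 11 firewall in name IOT_IN
set interfaces ethernet eth1 vif 41 firewall in name GUEST_IN
commit
save
```

These `in` rulesets filter only traffic routed through the router between VLANs and toward the WAN. Traffic addressed to the router itself (DHCP, DNS, management) is governed by separate `local` rulesets, which this example does not define.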