segregation of iot devices on network

Currently reading
segregation of iot devices on network

3
0
Router
  1. RT2600ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Been researching a way to segregate iot devices onto my guest network without having to reenter all passwords onto devices. I have looked all over the net for an easy way to do this but can find anything.

I have the rt2600ac with several rt2200ac mesh routers. The rt2600 is my gateway. I don't really have the ability to hardwire throughout the home and make a seperate LAN network.

Thank you for any suggestions
 
I don't know of a way you can do this without logging into each IOT device, especially if thy are all standalone devices and not managed through a central management server.

You'll have to connect to each device and re-enter the SSID, auth type, and new password. It's easier to do this to the devices first, when you have access via the current WiFi connection, and then make any changes to the access point/wifi router.
 
some principles from IoT best practices:
- you need physically segregated network for the IoT devices, especially IoT Gateway. In these time, when many of them use unshielded protocols as Zigby, ...
- you need really heavy shield from internet attacks, same as for your data
- you need change default password stored in each IoT device manually- for your better sleep. Then you need connect each the device.
- you need establish fixed IP architecture of network management, better than “open” DHCP.

Then is better to perform manual setup for each the IoT device independently. Each device. Otherwise you will get dangerous network operation.
 
Last edited by a moderator:
I will be adding 15-20 IoT devices (mostly WEMO) to a home and home office RT2600ac/MR2200ac configuration, running SRM, Safe Access and Threat Protection. No guest network is configured (or required for human guests). The router supports WiFi Mac Laptops, and a few iOS devices, as well as a hard-wired 10GB unmanaged switch, 2x 10GB NAS and 3x 10Gb Mac Minis.

@jeyare mentioned the need for a "physically segregated network" for IoT devices in the previous post. Does that mean a second physical router and WiFi network? Perhaps a network built on 2x MR2200ac? Or can the RT2600ac guest network be used with reasonable safety. I'm ready to do the right thing; but don't want to waste funds on more hardware than is required.

Thanks in advance for comments and clarifications. Ron
 
first there isn’t Guest network, it’s just a VLAN labeled or virtual SSID by name Guest network.

better than simple VLAN serup for IoT is the port isolation (you need L3 switch with this feature)
you can also isolate the port(s) within VLAN

then you can setup isolation for single device or group of devices to prevent a communication in the VLAN for them. This status you can’t achieve with the Guest network, you can’t separate communication within the Guest network.

consider what could happen if you allow for such vulnersble devices share single Guest network communication = domino effect.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Ok I've got my shiny new RT6600ax router set up and running with about 30 devices. I've read some articles...
Replies
0
Views
1,645
That is what one does when they are self taught —— They make up their own rules and test routines...
Replies
13
Views
2,917
  • Question
I have RT6600ax and WRX560 both wire back hauled to Netgear MS510TX. This switch's four 1GbE ports are...
Replies
5
Views
1,567
I have the same issue. I know that devices that do not support 802.11v have issues with roaming. What is...
Replies
2
Views
2,130
If you have another/old Wi-Fi router you might test how the thermostat works with another DHCP service...
Replies
6
Views
1,399
I’ve been complaining about this for years. My feelings is: When you ask for a list devices, YOU LIST ALL...
Replies
3
Views
2,230
Fredbert (and others), I had a support ticket in on this, and they told me the issue is indeed related to...
Replies
7
Views
2,217

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top