I have not tinkered with VLANs yet. I need help and advice how to correctly proceed. Here is my situation:
2 x Ubiquiti AP
1 x hAP AC2
1 x CRS326-24G-2S+
I want to build 3 VLANS:
Main for my family
IoT partly blocked from Internet. I need most of the devices blocked from Internet, but there is some devices which would need Internet. They should all reach my HomeAsistant server.
Guest VLAN, just for WIFI and maybe casting to streamer or TV.
There will be 3 SSID: IoT, Main, Guest.
First things first how should I connect my APs? Better to connect them straight to router or switch?
If I have some IoT devices connected over Wifi and some over LAN on switch, how should I program my router/switch?
Thanks in advance, if something is unclear, please ask
The switch comes in handy for any traffic within the same vlan from user to another.
The router comes into play between user and internet and traffic between different vlans.
I understand that. So basically I could wire everything to switch, tag ports (for lan), on Unifi AP create VLANs and hook switch to router. More interested about firewall and nat rules to succeed in blocking partially and allowing some services.
If you have IoT network then why blocking some devices… Just block IoT VLAN access to the other VLANs (but leave communication open to the HA server)
