Need help setting up components on Wireless VLAN

#1

Hi there, I just upgraded the firmware to 8 and I’ve set up the router, adding a WiFi VLAN.

I don’t normally use WiFi as it’s convenient for me to use Ethernet and more secure feeling for myself.

However, I really want to add Alexa to my traditional hifi amplifier but I don’t want to do it using Bluetooth as I’ve read it’s open to vulnerabilities but mostly because I like the idea of ring fencing components in a VLAN.

This is what I wish to achieve. Have a separate VLAN with SSID and block it off from my PC and Laptop. I wish to have in that VLAN, Amazon Fire Stick, Amazon Echo Dot and Amazon Input connecting WiFi to my HiFi.

I’m sorry if this is a very simple question. I’m very paranoid regarding information ring fencing as I was hacked in the past. If my WiFi does get hacked, I want to make sure there would be no access to my Ethernet components.

I have set up 3 Ethernet VLANs and one 5ghz VLAN, all of them untagged (isolated?). (I don’t seem to be able to make a VLAN of Port 1.)

Thanks for a great router and the free firmware upgrades.

1 Like
#2

I believe that, by definition, a vlan is tagged. In addition to isolating devices with a vlan, you can also isolate the devices inside the vlan so they can not see each other. For more see this page
https://www.routersecurity.org/vlan.php

1 Like
#3

Hi Super Sonic,
If you disable InterVLAN-Routing, than your Amazon devices are in a different Network.
If you need some thing accross the networks, for example FireTV App and your smartphone is in your “private VLAN”, then you can create a Firewall roule from one Network to the other.

Was that the answer to your qustion?
Dennis

1 Like
#4

Hi, I’m very sorry for the late reply.

Thanks for the link Michael. I read a lot of Micheal Horowitz’s site though I don’t think I’ve seen that page before. It was after reading his site I bought the Soho Mk3.

Thank you for the advice dennis. I am still not sure about Firewall rules. I have bookmarked the Printer on a VLAN tutorial by mkldowling but my inControl sub has ran out as it is more than a year since I bought the router.

I know that’s a long time to still be a newbie but I was happy with just using Ethernet connections.

I will look into the things you both mentioned over the weekend and hopefully I’ll know a lot more. I will get back to you with my results, hopefully good.

Thanks again.

#5

Hello @SuperSonic,
With the tutorial, if you are not using InControl2, jump to

You can create you VLANs locally without InControl2 from this location before proceeding with the rest or the tutorial, in the images below, change “mars.ic.peplink.com/ra/remote/1234-ABCD-1234” to your local IP address, if the device is on factory default then this will be “192.168.1.1”.

Select th “New LAN” button to create your new VLAN and fill in the details required

Then continue with the rest of Step #3.

Happy to Help,
Marcus :slight_smile:

1 Like