VPN dedicated to VLAN

Steven_Sugg · May 20, 2022, 5:05pm

I have been searching through the manuals and forms, but cannot find an answer to this design.

I need to have a wireless/wired device on it’s own VLAN. All traffic to and from that device need to go through the VPN. Everything else needs to route through the normal connection. If it cannot be done with a VLAN, can it be done by controlling using the device’s MAC or IP?

I don’t have a device yet. I’m researching.

I found this from another vendor. It explains what I’m trying to accomplish.

"VPN and Network Segmentation

The Firewalla Gold will allow you to create network segmentation and configure VPN at the individual segment level. For example, to make working from home more convenient, you can dedicate one port as a VPN network segment, and when you access that segment, you are directly connected to your office through Firewalla VPN client/server."

Thx

MartinLangmaid · May 20, 2022, 8:11pm

Yes that’s fine.

It can be done by VLAN, device IP, MAC address or by source & destination IP/port.

You would use Outbound policies to configure traffic flow.

Michael234 · May 31, 2022, 6:28pm

Another router vendor that can do this is pcwrt.com. Much cheaper than Firewalla. Not in the same league as Peplink however. Still, it supports WireGuard, IKEv2 and OpenVPN clients. Each VPN connection can be linked to one or more VLANs (they are not called VLANs). It can even have three concurrent VPN connections, one of each type, though that would probably stress the hardware quite a bit. See
pcWRT Router