• domanpandaOPB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I want to separate my sons PC and wifi devices from default network.

    Even though im familiar with neworking - subnetting with masks, DNS, DHCP, VPNs (wireguard, openvpn, zerotier) somehow VLANS and tagging has never clicked in my head.

    I have classic problem and pretty classic setup - edgerouterX and unifi AP as wifi device. All devices are in the same LAN. What i want is:

    • my son’s PC (cable) is separated from default network
    • some particular wifi devices are also in this network (separate SSID)
    • this network does not have access to default network …
    • … except some few things like in this example (wifi) printer - everybody should have access to it

    Ive watched 3 videos about Vlans and have seen this tutorial. https://help.ui.com/hc/en-us/articles/115012700967-EdgeRouter-VLAN-Aware-Switch but it doesn’t have double WIFI ssids.

    So i still have questions.

    1. Should i remove my current LAN or should i just tag it with id: 1 (this is tag for default networks right?). I dont want to creat entirely new network as i have things assigned to my IPs (like subdomains but not only that)
    2. Should i tag eth1,eth2 and eth4 ports with tag id ‘1’ or should i just set ‘untag 1’ for eth3?
    3. eth4 should be “trunking” port right. Should i just set both tags on it - would it be enough?