I want to separate my sons PC and wifi devices from default network.
Even though im familiar with neworking - subnetting with masks, DNS, DHCP, VPNs (wireguard, openvpn, zerotier) somehow VLANS and tagging has never clicked in my head.
I have classic problem and pretty classic setup - edgerouterX and unifi AP as wifi device. All devices are in the same LAN. What i want is:
- my son’s PC (cable) is separated from default network
- some particular wifi devices are also in this network (separate SSID)
- this network does not have access to default network …
- … except some few things like in this example (wifi) printer - everybody should have access to it
Ive watched 3 videos about Vlans and have seen this tutorial. https://help.ui.com/hc/en-us/articles/115012700967-EdgeRouter-VLAN-Aware-Switch but it doesn’t have double WIFI ssids.
So i still have questions.
- Should i remove my current LAN or should i just tag it with id: 1 (this is tag for default networks right?). I dont want to creat entirely new network as i have things assigned to my IPs (like subdomains but not only that)
- Should i tag eth1,eth2 and eth4 ports with tag id ‘1’ or should i just set ‘untag 1’ for eth3?
- eth4 should be “trunking” port right. Should i just set both tags on it - would it be enough?
Thanks for all your advices guys. Problem has been solved here thanks to user u/mccantech https://www.reddit.com/r/Ubiquiti/comments/17y987i/i\_want\_to\_separate\_my\_sons\_pc\_and\_wifi\_devices/