The next step in setting up my network was adding additional “LANS” to my network. So while before I was happy with two networks 192168.1.1/24 and 10.10.10.1/24. I really wanted more isolation from my IoT network, Security Camera Network, my Raspberry PI and Smart-Home network and the computers and devices we use all the time.
Here’s a list of my networks:
- Home Private Network
- Semi-Private Network & Private WiFi
- Raspberry Pi Network & WiFi
- Security Camera Network & WiFi
- IoT & Media Network & WiFi
- Guest Network
To do this I needed a router and firewall (EdgeRouter-X) and I needed a few managed switches because I didn’t want to run new cable.
Starting with the router I set-up the following:
The interesting thing I needed to learn here is the PVID is a “tagged” VLAN. I made this correspond to the network 192.168.4.1/24. This means anything that connects to this port “unmanaged” will get an IP from the 192.168.4.1/24 DHCP server. But if there’s a managed switch connected to this network, it will be able to route traffic for the VLANs 10,20,30, and 40.
The second thing I needed to do was configure my managed switch. DLink DGS-1100-08V2.
The tagged VLAN port here is eth1. This is tagged with VID = 4. This is the same PVID leaving the router. I have 2 untagged ports eth6 and eth7 for this VLAN. This means they will get IP addresses from the 192.168.4.1/24 DHCP server just like it was connected to eth4 from my EdgeRouter-X.
I connected my Access Point and my other managed switch to eth6 and eth7.
I have eth2 mapped to 10, so now anything connected there will get 192.168.10.1/24 addresses. I have eth3 mapped to 20, so now anything connected there will get 192.168.20.1/24 addresses. I have eth4 mapped to 30, so now anything connected there will get 192.168.30.1/24 addresses. I have eth5 mapped to 40, so now anything connected there will get 192.168.40.1/24 addresses.
Notice the PVID up on the top row as well. 4, 10, 20, 30, 40, 4, 4, 1.
The last setting was configuring my access point. This is an EnGenius EAP1300.
