This widget could not be displayed.
This widget could not be displayed.
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IoT-VLAN working?

onklen
Star I

‎09-02-2024 01:32 PM

I bought a pair of BT10's for home use.

I set up the IoT network and placed my Chromecast and Samsung TV on it. I had expected the Chromecast to stop working as my phone should not be able to see it - but it can.

I then tried logging my notebook on to the IoT-network. From there I can still ping my smartphone, desktop-PC etc.

Shouldn't access between the different networks be blocked so even pinging would fail?

New to networking so I probably miss something... I also played with a Ubiquiti setup and there the VLANs are completely isolated...

0 Kudos
6 REPLIES 6

jzchen
Zen Master I

‎09-02-2024 02:03 PM

The initial setup with MLO and Legacy/IoT network SSID does not set up a VLAN because it is supposed to be segregated WiFi 7 devices on the MLO SSID and the Legacy devices on the other SSID, (ideally your primary/main SSID before).  If you want a separate IoT device SSID go to Guest Network Pro, create this third one, which will enforce a VLAN, which prevents device access to the Legacy or MLO SSIDs.

0 Kudos

onklen
Star I

‎09-03-2024 12:08 AM

Thanks Jzchen

I disabled MLO as I currently do not have a wifi 7 unit. Only 5, 6 and 6e.

Even though I click to isolate the subnet I can still ping it to/from it.

Is that not a problem or does that indicate, that potential compromised IoT-devices can talk to other networks?

What is the settings or features of the IoT-network then?

0 Kudos

jzchen
Zen Master I
In response to onklen

‎09-03-2024 04:38 AM

My ASUS router also has MLO (and WiFi 7 disabled for 2.4, 5, and 6 GHz-1.) I only have 1 WiFi 7 phone and it isn't getting good speed from my two BE routers, (one is a TP-Link Deco).

I'm afraid I tried creating an IoT network a long time ago and didn't have any luck migrating IoTs over, so I just left them all connected to the main SSID.  Since quite a few IoTs are printers in my case VLANs actually blocked ability to print.  To me I guess that was enough security, or actually too much security...

There's an Access Point Isolated setting and I'm assuming that is the isolation setting you are referring to.  I hope that is enough security for you, but to be honest I'm not a cyber security expert, (I am sorry I'm not sure I can help more).

onklen
Star I

‎09-03-2024 05:35 AM

Thank you

I was just trying to understand what the build in IoT-network actually does if it does not separate the devices from my main network...

Hopefully someone from ASUS can help.

0 Kudos
Youtube support channel