Hello all.
I am in the process of redoing some of my networking in terms of replacing devices with Unifi devices (UDM Pro, an 8 Port Unifi PoE switch, a Unifi 6 Lite AP, reusing an unmanaged switch elsewhere, etc.), and running cabling, etc. With all this work I’m doing, I want to segregate devices that do not need to talk to the internet.
I was trying to follow along with Rob ('The Hook Up' on YouTube) with this series: Part 2 | Ultimate Home Network 2021 | VLANs, Firewall Rules, and WiFi Networks for IoT UniFi 6.0 - YouTube
My extent of network experience is setting DHCP reservations and MAC filtering...I'm not very knowledgeable on networking, so please forgive me if I misspeak or don't know something.
I loved the idea of a local-only hub, and I want to set up my network to limit devices talking to the internet and also talking to each other if not beneficial for me.
A lot of my devices that I have that I want local, I also want to get updates for.
Things such as a NAS, an NVR, my Konnected Pro device, or the Hubitat hub, etc. This got me wondering...wouldn't I have to expose my C7 HE device to the internet in order to get updates, get user apps (loving the package manager BTW), etc.? Could I then somehow limit this efficiently? (I've even debated trying to hook all devices like this up to a single switch if possible and just change the LAN port that the switch is going to.... just to pull updates. I'm not even sure if I can set rules up by LAN port yet or not...)
Would anyone kindly offer suggestions, things to think about, etc.?
I planned to do as Rob from The Hook Up said and have a NoT, IoT, a main, and a guest network.
Is this the best way? Is there a better workaround?
I guess I’m asking two questions here:
- Can I somehow make the hub as local as possible but still pull updates, get the weather, etc.?
  - I assume the answer is just ‘no’.
- What are your suggestions on a network setup to make things as segregated as possible while still functioning?