Tech Support Forum banner
Status
Not open for further replies.

Router or switch for port-based VLAN?

4K views 10 replies 4 participants last post by  SpywareDr 
#1 ·
I want to replace an old Linksys RVL200 router (10/100 only) that is bogging down my internet speeds.

My network is fairly simple, I used the RVL200 to create two VLANs on two ports on the router. Port 1 feeds a 16-port unmanaged (dumb) switch, with all my stuff on it. Port 2 feeds a separate WAP that I use to give internet to my tenants I share the house with. This separates all the stuff on my network from theirs. One set of IP addresses is 192.168.2.x, the other 192.168.3.x.

I bought a Linksys AC1200+ (or EA6350) router to replace my old RVL200, and the documentation is horrible. It appears not to be able to do a port-based VLAN, or at least I cannot figure out how to make it work that way.

I am considering returning it.

My question: Is it easier for me to buy a different router that supports port-based VLANs, or buy a new 16 or 24-port managed switch that can do the same thing (just give two networks access to the internet so they can't talk to each other).

And if I just get a new switch, it will still be able to keep things separate through the router? (I don't understand if you just make one connection between the router and the switch, or two.)

I didn't think this would be so difficult, I assumed everything these days would have pretty robust VLAN capabilities, but I guess not? :uhoh:

Thank you.
 
See less See more
#3 ·
How about just enabling Guest network mode for your tenants to use. This is just like a VLAN in the sense that it separates the two networks. So your tenants will be able to access the internet only, and nothing on your private network.

Most wireless routers nowadays offer such capability. I have my WLAN setup with a guest network which I used specifically for that, guests that come over and want to get on my wifi. I give them the password and they can access the internet via the guest wifi network and I don't worry about them being able to access my private network.

It's much simpler than dealing with setting up VLANs or managed switches. That's always fun, but for the average consumer, having the guest network option is much easier to setup and manage.

Hope this helps.
 
#4 ·
I have tenants so by providing internet you also assume some liability. Having all the tenants on a guest network means they can see each other. That's a problem for everyone.

Though QoS is not mentioned, a vpn router will have that feature. This can be really valuable if you have a tenant/unit that is a heavy user that impacts everyone else. You can equally divide the bandwidth to everyone equally.
 
#6 ·
I hadn't thought about using Guest Mode, in fact that would work perfectly, except that I am concerned about security. I have to check if it will do a secure guest mode, because it seems many routers do not.

I'm not terribly concerned about bandwidth hogging, though my current router did have QoS, which I used to preference myself, but I don't do too much heavy internet usage like I used to (I used to do video production, and was moving huge files around up/down). Nowadays, the most I do is Netflix or Youtube, which is not critical.

As far as port-specific VLAN routers, how can I find these? The information online is terrible. I spent an enormous amount of time just trying to figure out if this Linksys AC1200+ had it, but the manual is useless, and there's almost no detail anywhere I could find, and I run into similar things with many other routers. Documentation explains so little.
 
#7 ·
With a consumer grade router for homes or SOHO networks, Guest mode would be the only way I can think of for you to isolate your network from the tenants. Again, similar to VLAN.

As far as port specific VLAN routers, for consumers, not commercial applications, didn't even know they had available as this is more of an commercial application.

You can opt to get a managed switch just for the WAP which you can assign a VLAN for the Guest network the tenants would connect through.

Just curious, what liability are you concerned with? Are your tenants really tech savvy that you're concerned one of them would be looking to tap into the "guest" network and view packets (i.e. Wire Shark) to get information from other people on the network?
 
#9 ·
I'm not really concerned about liability per se, I just have a bunch of NAS drives with a lot of different content, movies, documents, photos, computer backups (time machine, etc) on there, etc. I would like to keep all that stuff on my side of the network, and open to me, but not to them, basically. I'm not concerned about hacking or anything like that. So the fundamental goal is basically: keep everything in my LAN open and available to me so I can move files around easily, and give them internet without letting them see/get into all my stuff.

BTW: I live in a neighborhood, not in like a big apartment building, so I'm not really concerned about my elderly neighbors hacking me or my tenants or anything like that. Even if a guest network for my tenants is unencrypted, not very secure, meh, that doesn't concern me too much.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top