So, long story short, I have all the pieces for my network set up and functioning, but not exactly how I want them. I have a 4-port mini PC running pfSense; it is acting as my router/firewall/Squid proxy. It connects to my FIOS ONT on the WAN side, and the LAN side goes into my 24-port MikroTik router switch. From there I am currently running an ubi AP and a Netgear R7000 running DD-WRT; both are only used for WiFi, to see which has the best coverage.
Now to give an idea of what I run for hardwired items: 3 PCs, two media players, two TiVo boxes, Sonos bridge, Philips Hue bridge, 1 NAS/media server. Onto WiFi devices: I have two Nooks, 1 tablet, 3 cell phones, Harmony remote hub, ecobee thermostat, two Foscam cameras, 2 laptops, 3 game consoles, Echo Dot.
My main issue is that a single firewall change or Squid change is causing havoc on a lot of my "smart home" items. Second, I need to start limiting and watching what my kids do online. Third, with all the smart devices always running on the internet, I want to limit the access they have to other parts of my network. So I was thinking VLANs are the best way to achieve this.
VLAN 10 - "Adult network": access to anything; would have 1 PC, NAS, 2 cell phones, 2 laptops, media players
VLAN 20 - "Kid network": 2 PCs, 2 tablets, 1 cell phone; access to internet but filtered with SquidGuard or DansGuardian
VLAN 30 - Smart home devices, TiVos, Sonos, Foscam
VLAN 40 - Guest network
My issue with this is that I need Sonos to be accessible from the adult network to initiate playback and read files on the NAS, I need adult cell phones to be able to access the smart apps and Sonos, and the Foscam cameras connect to a PC in the adult network that is running Blue Iris.
VLAN 20 - might at some point need access to the NAS on VLAN 10, but only the NAS.
VLAN 40 - is easy, as it's straight guest to the net; it won't have access to anything.
Does this plan seem like it will work, or am I overthinking it?
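The access requirements in the post can be written down as an ordered, first-match rule list and checked before anything is changed on the firewall. The sketch below is an added example, not part of the original post and not pfSense configuration; the /24 subnets, the host addresses and the names `decide` and `shadowed` are all assumptions made for illustration.

```python
import ipaddress as ip

# Constructed addressing (assumption): one /24 per VLAN ID from the post.
NET = {name: ip.ip_network(f"192.168.{vid}.0/24") for name, vid in
       {"adult": 10, "kids": 20, "iot": 30, "guest": 40}.items()}
LOCAL = ip.ip_network("192.168.0.0/16")       # every internal VLAN
ANY = ip.ip_network("0.0.0.0/0")
NAS = ip.ip_network("192.168.10.5/32")        # hypothetical host addresses
BLUEIRIS = ip.ip_network("192.168.10.6/32")
SONOS = ip.ip_network("192.168.30.10/32")
CAMS = ip.ip_network("192.168.30.20/31")      # the two Foscam cameras

# Rules describe who may *initiate* a connection; a stateful firewall lets the
# replies back. Evaluated top-down, first match wins, no match means block.
RULES = [
    ("pass",  NET["adult"], ANY),       # adults reach everything, incl. Sonos
    ("pass",  NET["kids"],  NAS),       # kids: the NAS and nothing else inside
    ("block", NET["kids"],  LOCAL),
    ("pass",  NET["kids"],  ANY),       # internet (content filtering is separate)
    ("pass",  SONOS,        NAS),       # Sonos reads music files
    ("pass",  CAMS,         BLUEIRIS),  # cameras reach the Blue Iris PC
    ("block", NET["iot"],   LOCAL),
    ("pass",  NET["iot"],   ANY),
    ("block", NET["guest"], LOCAL),     # guests: internet only
    ("pass",  NET["guest"], ANY),
]

def decide(src, dst, rules=RULES):
    """Return 'pass' or 'block' for a new connection from src to dst."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for action, src_net, dst_net in rules:
        if s in src_net and d in dst_net:
            return action
    return "block"

def shadowed(rules=RULES):
    """Indexes of rules fully covered by an earlier rule, so they never match."""
    return [j for j, (_, s2, d2) in enumerate(rules)
            if any(s2.subnet_of(s1) and d2.subnet_of(d1) for _, s1, d1 in rules[:j])]
```

These are unicast rules only: the multicast discovery that controller apps such as Sonos use to find devices does not cross VLANs without a relay, so passing the traffic is necessary but may not be sufficient.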