Noob 2 Networking

How I configure my VLAN network

Disclaimer: I am by no mean a professional. I am just doing this for fun and enjoy learning along the way (I probably still don’t know anything 🤣). These are not meant as a guide and should not be treated as such. What I am showing you here is what I did, and it worked for me and my situation but might not apply to you. Your result could be very different from mine. Heck, I could be doing or saying something entirely wrong since I’m still considering myself a newbie (Hence the name of my site “noob to networking” 😉). Please don’t take a random person’s words on the internet too seriously, and again, ALWAYS and I mean always do your own research (Well, take this one seriously, though).

Well, hello there, another week came by so quickly. Before I realized it, this week was already here. I supposed it was time for another post. Let’s see what I want to write about for this week 🤔. Last week, I talked about how I set up my VLAN network using Pfsense, but that is just setting up the initial network. I will have to configure my VLAN to work with network equipment such as network switch and Access Point (AP) to utilize the VLAN.

Why?

Before I go into the detail about how I did it, let’s first discuss the why.

As you know, VLAN is, as the name suggested, a virtual network, so there isn’t any physical connection (wired or wireless), but that would be impossible. They are used to leverage the existing LAN connection and create a tag 🏷 to identify what network traffic comes from what network. If we don’t specify what network we want, then by default, all the networks will be coming from your main LAN network…sort of. Technically speaking, the signal carried will be all 3 VLAN networks. They are there as Pfsense generated them, but if we don’t specify, then LAN takes priority. It does not mean the other 2 VLAN networks are dropped for my network equipment.

The ideal design for my home network is to isolate all the smart devices into their VLAN network. The majority of the smart devices on the market use Wi-Fi for their connection, so I have to configure a wireless network ID linked to the VLAN for the IoT network. For the minority of devices that use wired connections, I have to configure a specific port on my network switch to be in an IoT network.

Wired

CSS326-24G-2S+RM

I used this MikroTik network switch. I mentioned it back in my home network setup. What I like about it is the feature set for the price. There are 24 ports + 2 uplink SPF+ ports I could freely configure. I plan to make port 24 into the IoT network port. It means that if you plug a cable into port 24 on this network switch and connect your computer to it, you will be connected to my IoT VLAN network and not another network.

Logging into the web management interface, we can see all the ports on this network switch.
To configure the ports, Navigate to the VLAN tab.
It is straightforward. Toggle the enable VLAN, make sure the network is in any mode, and enter the VLAN tag. My IoT network VLAN tag 🏷 is 10, so I put 10 and applied it all.

This is pretty much it. What? You thought it would be a lot more complicated? Don’t be silly; it is that simple because we have already done most of the work with Pfsense, which is the main crux of VLAN. This allows the network with a specific Tag to be recognized🤷‍♂️.

Product Link (Amazon Affiliated)

Wireless

EnGenius Access point

This is my access point in charge of broadcasting WI-FI for my home network. I need to configure a Wi-Fi hotspot that links to the IoT network for all my smart devices to connect. I picked this because of its capability of handling multiple devices simultaneously. As you might have figured, there will be a lot of smart devices being added to my home in the future, so I want to make a good investment and not just settle for some low-performance access point. It was costly, but I bit the bullet and made the purchase (I am very cheap, in case you have not realized by now 😅)

First, log into the access point web management interface
After logging in, we should see the dashboard like this. Navigate to the Wireless tab.
I want to enable a wireless network, Tick the box and select Edit.
Most smart devices only utilize the 2.4 GHz band and not 5 GHz, so I only enable 2.4 GHz. Service Set Identifier (SSID) is the name you want your wireless network to be. I named mine Ai O Tea, get it? IoT 😉 . I don’t want to hide my SSID because I want my smart devices to see this network and connect to it. I don’t want client isolation since I also want the smart devices within this network to be able to talk and control one another. The key point is to have VLAN isolation enabled, and I put in my IoT network VLAN tag 🏷 which is 10.
Scroll down, and we can see security mode. My recommendation is WPA2 because it is better than having a weaker security mode or no security at all but not too high like WPA3, where the protocol did not support the smart devices, at least not yet, so they couldn’t connect at all. Enter your password of choice, and please don’t make it like password123 😂. The other configuration can be left at default.
Hit save.
There will be a prompt asked for us to apply the change. Hit apply.
It will pop up another window with the confirmation. Hit Apply.
Now just have to wait for the changes to be applied.

That is all. Once the changes are applied, we should see our Ai O Tea network show up, all the smart devices connected to that network will be connected to VLAN 10, and the ID address should be 10.11.60.x

Product Link (Amazon Affiliated)

Conclusion

We have accomplished having both wired and wireless networks set up to utilize the VLAN networks. Of course, you will be different from mine because the configuration differs from equipment to equipment and manufacture to manufacture. But at least you understand the fundamental concept, and it will be simple to apply. Once you have a basic understanding of how this works, you will be able to figure out how to do it with your network equipment 😉. I am still learning myself, but please feel free to reach out to me if you have any questions. Maybe I can offer some assistance. With that said, all the time I have to write for this week as my laziness has taken over. Until next time all of you, Have a wonderful week!

-Laz

admin

,
, , , ,

Leave a Reply