Dictate VLANs for SSIDs

  • Requesting ability to dictate different VLANs for SSIDS in order to separate traffic - i.e. secure network for smart home devices separate from home network with PCs and phones/tablets.

  • this!!!

    it's the feature i'm missing the most: a separate VLAN for IoT.

  • @nicholas-chopp Thank you for your feature request. We appreciate all feedback and ideas to make out product better!

  • Please implement this. Without firewall rules the guest network is useless if you have want to use your own firewall/router infront of the amplifi.

    my setup:

    ISP - FIREWALL - | Vlan for internal use, Vlan for iot, Vlan for guest | - AMPLIFI -> || Normal SSID, Guest SSID ||

    this setup gives GUEST SSID full access to the current vlan on the WAN side of the Amplifi, and absolutely no visibilty because of NAT. Idiotic...

  • I would LOVE to have more IoT/VLAN options! I made a post a long time ago (over here) but I think I have evolved my understanding of what I would want to ideally support:

    • 4 VLANs
      1. Guest network
      2. Normal Private network
      3. IoT Network that has no access to the internet (optionally addressable from the Private Network and/or Guest network, but not in the other direction)
      4. IoT Network that has access to the internet with extra tight security (profile monitoring IPs that are accessed, etc) (optionally addressable from the Private Network and/or Guest network, but not in the other direction)

    The idea is that I'd like some IOT devices to not have internet access because I don't trust them. Others I would like to have internet access (hard to stream video without internet access!). Also, I'd like some of these to be accessible from the Guest VLAN (entertainment IOT) but others only accessible from my private VLAN (HVAC, home security system, video cameras, etc).

    We could extrapolate this to a few more VLANs to cover every possible combination, but I think I could get buy with these 4.

  • @shane-milton - This is a cool idea. Even if it is hidden underneath some advance view inside their app.

  • It would be nice to deny Drobo the ability to make connections outside the network, but be fully accessible inside the router.

Log in to reply