Assistance With Network Config Issue

I have been recently getting around to isolating my IoT devices from my main network. I have set up various VLANs to do so. I edited the IP address in HASSIO before I shut it down to move to the new VLAN. Upon restarting I am unable to access it even from the same VLAN subnet. Unifi Network is showing HASSIO is located on 192.168.2.219 but a ping from another device on the same VLAN times out. I tried removing the SSD that HASSIO is installed on and trying to edit the config file directly with Notepad++, however I could not find a config file with network information. Obviously I cannot SSH to the device with it being unresponsive, so I need to access the config on the SSD where HASSIO is located (I have an Argon One M.2 case).

Any advice?

Depending on your setup you may need to look at the http section.

Can you ping other devices within the VLAN where you try to ping HA? A firewall rule may be blocking ping or blocking the connection.

Is HA running? Need to verify that. Being on the network with an IP and running (able to log in) are not the same thing. You may be able to verify this through an automation that occurs without your interaction.

Thanks for your response.

Yes, I can ping other devices within the IoT VLAN. I only had automations for lights to turn on/off. They wouldn’t run for another 8 hrs though. I don’t think they would work though, as I have moved the lights, Hue and LIFX, over to the IoT VLAN.

I was hoping there would be a config file on the SSD but the only config file doesn’t include network information. I looked at Raspberry Pi Documentation - Configuration for help with adding an entry to force HASSIO back to the default network but I don’t see an entry for that.

There is no *.yaml file on the SSD.

From another thread

I’ve been able to get my HA device back working on my default network. I’m having problems getting it to work on my new IoT network and would appreciate some advice.

My understanding is that unifi allows traffic between VLANs by default and if you want restrictions you set firewall rules to do so.

I’ve moved the HA device’s port to the IoT VLAN, rebooted the HA device but I can’t ping it.

I’ve tried a test firewall rule LAN In accept all traffic from the default network to the IoT network but still no joy.

Any help would be much appreciated.

LAN out default network address to IOT network

I moved from unifi USG to Opnsense so I forget how to configure the firewall for unifi. I may have documented this somewhere so I will look and post it here if I find it.

That would be much appreciated. I was of the view that unifi communication between VLANs was allowed by default so I didn’t think I needed to allow connections from my default to IoT networks.

I tried a LAN out rule from the default network to IoT network but still no response to ping. I can ping the IoT network’s gateway though, not the RP though. Maybe HA needs configuration before moving the appliance to a VLAN?

If you can ping other devices in that segment, then its gateway is incorrect / missing?

Good point

If you can ping it, the problem is likely not a firewall rule.

Yes, I can ping the VLAN gateway from my default network.

Originate ping from 192.168.1.111 to 192.168.100.1 and I get a response. So the VLAN gateway is working. I have also moved my Hue bub onto the IoT VLAN and I can control lights fine from the 192.168.1.0 network.

But if I ping 192.168.100.111, my HA device, I get a request timed out message.


see this post re: gateway change

(substitute your x.x.100.x address/s)

That’s a rather old post. You can do it from the UI now. Settings → System → Network.

That didn’t work. I set the HA network address to 192.168.100.111, the gateway to 192.168.100.1, and the DNS to 192.168.1.53 (pihole, unifi has a firewall rule allowing the IoT VLAN to talk to my DNS server). Obviously I lose connection with the HA device the moment I save the settings.

I also moved the port the HA device is connected to over to the IoT VLAN.

Pinging the HA device I receive a response timed out.

Changing the switch port back to my default network I can access the HA device and can see the network settings did not apply.

Back to square one. Any further ideas?

What if:

  1. Make a DHCP reservation for HA for the current vlan where you can access it and another for the IoT vlan.
  2. Set HA to use DHCP.
  3. Move the HA interface to the IoT vlan.
  4. Disconnect and reconnect the Ethernet cable (to force a DHCP renewal on HA).

That should make HA acquire the DHCP address you assigned for the IoT vlan, after which it should be accessible.

Morning all. Problem solved.

The HA device on the subnet couldn’t reach the DNS server. I had written the firewall rule incorrectly, which was intended to allow IoT traffic to the DNS server on my default network. Instead I was allowing traffic to the default network EXCEPT for the DNS server.

Thanks for the advice.

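The rule mistake described in the final post, as an added example that is not part of the original thread: a small first-match rule model that compares the intended "allow IoT to the DNS server" rule with the inverted "allow IoT to the default network except the DNS server" rule and audits both against the flows the policy should produce. The `Rule` class, its `dst_except` field, the trailing isolation rule and the default-accept behaviour are assumptions made for illustration; this is not UniFi's rule engine.

```python
"""Constructed model of first-match firewall evaluation (not UniFi's engine)."""
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str             # "accept" or "drop"
    src: str                # source network (CIDR)
    dst: str                # destination network (CIDR)
    dst_except: tuple = ()  # hosts carved out of dst (hypothetical field)

    def matches(self, src_ip, dst_ip):
        s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
        if s not in ipaddress.ip_network(self.src):
            return False
        if d not in ipaddress.ip_network(self.dst):
            return False
        return all(d != ipaddress.ip_address(x) for x in self.dst_except)

def evaluate(rules, src_ip, dst_ip, default="accept"):
    """Return the action of the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip):
            return rule.action
    return default

IOT, LAN, DNS = "192.168.100.0/24", "192.168.1.0/24", "192.168.1.53"
# Assumption: a final rule isolates the IoT VLAN from the default network.
ISOLATE = Rule("drop", IOT, LAN)
INTENDED = [Rule("accept", IOT, DNS + "/32"), ISOLATE]
AS_WRITTEN = [Rule("accept", IOT, LAN, dst_except=(DNS,)), ISOLATE]

# Flows the policy is meant to produce, using addresses from the thread.
EXPECTED = [
    ("192.168.100.111", DNS, "accept"),            # HA -> Pi-hole
    ("192.168.100.111", "192.168.1.111", "drop"),  # HA -> other LAN host
]

def audit(rules):
    """Return (src, dst, expected, actual) for every flow that deviates."""
    return [(s, d, want, got) for s, d, want in EXPECTED
            if (got := evaluate(rules, s, d)) != want]

if __name__ == "__main__":
    for name, rules in (("intended", INTENDED), ("as written", AS_WRITTEN)):
        print(name, audit(rules) or "OK")
```

Under these assumptions the inverted rule fails in both directions at once: DNS from the IoT VLAN is dropped, and the rest of the default network is exposed to the IoT VLAN.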