I have an Eero-based mesh network in my home. I have two Eero Pros (gen2) and two Beacons, and one of the Eero Pros acts as the router. I also have an old dumb 16 port switch. None of them support VLANs or VWANs.
I have a Synology NAS, an RPi4, a Harmony Hub w/extender, a Qolsys IQ2+ controller (that is also a good quality Z-Wave hub), 20 or so Z-Wave devices, and a bunch of IOT devices (mostly wifi enabled plugs and switches that connect directly with Alexa).
So, I’ve been looking heavily into getting HA, but I’ve seen a lot of people are setting up VLANs to isolate IOT devices. I could get a Firewalla Gold and have one Eero Pro Gen2 / Beacon combo on one VLAN, and the other pair on another VLAN. This way each VLAN would have its own wired and wireless subnet. The Synology has two gigabit ports so I could have one plugged into each VLAN, too. If I understand this correctly, the NAS could then be accessed by any device in the network as long as that’s allowed by the settings in the Firewalla. I could have all of our PCs, laptops, phones and tablets on one VLAN (whether wired or wireless), and have all the other devices (mostly IOT devices) on the other VLAN.
The other option is to get a Firewalla Purple and a 24 port managed switch (my 16 port dumb switch is old and on its way out). Since I’m going to need to get a new switch anyway, I might as well get a managed POE switch and have more flexibility going forward.
Given these ideas…
- Would you install HA on the RPi4 or the Synology NAS?
- Would you get a Firewalla Gold and a dumb switch, a Firewalla Gold and a managed POE switch, or a Firewalla Purple and a managed POE switch? I don’t anticipate needing more than 5 VLANs.
- Any other advice for what devices should go on which VLAN and how they should be allowed to communicate (or not communicate)?