Best homekit iot vlan I had originally put the Apple hubs in the IoT VLAN but HomePods would disconnect from WiFi despite me blocking them from other WiFi SSIDs. Reply reply Top posts of December 1, 2020. Just created a group with all of the Airplay compatible TVs on the network, set them all to static and created the above rule. 30. Firewall rules to allow Established/Related data FROM IoT TO Private VLAN mDNS Port (5353) open to the IoT VLAN IoT devices across VLANs with HomeKit Top posts of January 25, 2021. However, I am having issues with HomeKit devices. I do know that a lot of IoT devices have trouble broadcasting across a DNS reflector, so you often can't set them up from within your main VLAN. Originally I had my home hubs on my IoT network. home_theater_1 Not entirely related to r/HomeKit but I’m looking to move all of my IoT devices onto a separate wifi network, to free up my existing wifi network for other uses. I have moved all IoT devices to a separate vlan. Question/Help I’m looking at securing my network a bit more. The IoT VLAN is strictly to keep my personal devices (PCs, phones, servers, etc. Reddit . g. Homebridge and Hubitat on Home network as well. @NasKar said in Using home assistant with Iot on different VLAN: I have home assistant on my main network 192. My IOT vlan has homebridge and my ikea hub. Lawrence systems on YouTube has a great video about pfSense and iot A separate VLAN the best unless you have multiple physically separated networks at home (if that's how your home is set up, more props to you). Explanation - at minimal to have HomeKit play nice. I have setup my main network (wired and wireless) to be able to see the IoT network, but not vice versa. Looking to separate iOT devices and thought the best approach would be to have a separate network setup in Unifi with its own WiFi SSID as well. Good thing about HomeKit is that HomeKit devices do need to work locally without internet and that they can be reached through HomeKit hubs (Apple TV/HomePods) from outside your house. Finally under network select the IOT network created above to assign all devices connected to this SSID to the IOT VLAN. 5. VLANs, IoT, firewall Segmentation + HomeKit . Since most IoT devices use an external server, all communication goes through the internet connection anyway and doesn't need a direct connection. I'll be making a few more posts At one point, I thought this issue was resolvedbut I quickly discovered that the HomeKit devices were able to automatically jump from my IoT VLAN to my main network. For now I have control through Homebridge. Apparently it is good practice to move all the IoT to a separate VLAN and isolate that IoT VLAN using Access Control but I have a few questions: But if a device is already on VLAN 1 and in HomeKit, to move it to VLAN 2 (iOT) you'll have to delete it from HomeKit and add it to VLAN 2 by connecting your iPhone to VLAN 2 and then add it to NIOT are for things that should not have internet access because there is no good reason for them to have it, but should be able to talk to themselves or others. an IOT vlan that does not The IoT VLAN contains devices that are allowed to talk to the internet and the general-use I use strategic firewall exceptions and an mDNS repeater for HomeKit The comment on microsegmentation vs vlans makes a lot of Edit: Figured it out! Two things: I needed to allow the Bonjour/mDNS port, 5353 UDP, in my IOT_LOCAL firewall rule. Setup: ISP modem in modem mode, 2 Eero Pro in mesh in bridge mode, Firewalla Gold in router mode and Pihole as DHCP server (but I am open for suggestion for another configuration) I have almost 70 IOT devices and using Homekit but will be switching slowly to Home assistant (on In pfSense I have all my IOT devices on a separate IOT-VLAN and then block all access to my LAN. Oddly, I have a handful of Homebridge devices (same subnet - IoT) that do work. I'm looking for folks experiences of homepods on this type of setup. VLANs. From everyday lightbulbs to the sprinkler out front, just about every household appliance and utility has a smart-counterpart. I deselected keep “Block LAN to WLAN Multicast and Broadcast Data” in the primary LAN and in the IoT LAN. Assuming management VLAN is "Default", create two new VLANS: VLAN-Protect and VLAN IOT with different ID numbers (e. 101. IOT is so insecure. This was/is the 1st time I’ve been able to get a VLAN to isolate First I determined which VLAN ID each VLAN should have. None of my devices would work without it. I have my ha instance in the iot vlan to maximize ease of integration, speed and reliability. The Pi has static IP, GW and DNS in the IOT VLAN Best. The process of creating, and isolating, a new IoT network is the same procedure as I have outlined before: Creating Isolated Networks with Ubiquiti UniFi. Worked like a charm. 4 GHz to put all my light switches and other HomeKit toys on. Create the VLAN interface with a static adress on eth0 (parent interface), defining ip, gateway and dns (adjust to your needs) Has anyone found any settings that improves the speed of HomeKit when the Apple equipment and the IoT equipment are on different VLANs? I do have mDNS enabled as best as I can see how but every request for basics like on a light are “one sec”, “working on that” and often with secure requests like opening a lock “sorry, that was taking too long”. HomePods, Apple TVs, iPhones/watch/iPads should be all in same vlan and ssid so that they play nice via bounjour/mdns and ensure home is not complaining about network mismatch. But I am planning to create following rules: Allow Home to IOT DENY all inter VLAN communication I have IOT devices (most of them Homekit compatible), homepod mini and Home Assistant on IOT network. CrossTalk Solutions has some pretty good videos. so although it looked like I was controlling the HomeKit devices on my IoT VLAN from my main networkin reality, I was controlling my HomeKit devices on my main network from I’m considering creating a VLAN for my smart IoT devices for extra security, but although I’m tech savvy I’m a networking rookie so have a few questions. 11 G. X. 0/24 without a VLAN tag. How to set up Apple HomeKit and Hue Bridge with various IOT devices on an isolated Guest VLAN / Guest WiFi This is a companion post to HomeKit WeMo Hue VLAN AP One Mini AC Mystery Solved Although Apple HomeKit has high standards for security, it’s still a good idea to keep your IOT (internet of things) devices isolated. Installed Avahi in the unifi docker image. Not sure if the latter made a difference in the pairing process, but I think it did. Once you have this network in Hi all, I would like to set up a separate IoT VLaN for my Unifi setup. Apple TVs function as home hubs on my client VLAN (shared with iPhones) and the HomeKit devices are on I wanted to start a new topic to see what others experience has been with advanced network setups. I recently got a Ubiquiti UDM Pro SE and I reconfigured my home network so that my IOT network is on a different vlan/subnet to my main home network. I also used the Hue app itself to pair the bridge, via the "HomeKit & Siri" option in the settings, as opposed to adding it via the HomeKit app. #nmcli connection show will list the “HassOS default” connection in use. For example for the IOT-VLAN I use VLAN ID 20. I have a HomePod and iPhone on my main VLAN and my IOT (homekit controlled) devices on my iot VLAN. But the IOT devices, and my guest network. 1/24 - Guest I have setup their corresponding wireless network as well. 3 Raspberry Pi 4 TP-Link ER605 router I have created two VLAN’s. But thereby use my homepod via the cloud when on My main VLAN network. For example, my smart home is fully Apple HomeKit compatible and consists of a Hue bridge with lightbulbs, Lutron Caseta smart di All home hubs on the trusted VLAN, IoT devices on the IoT VLAN. This IoT network is 192. 20 - 192. Top. Name: IoT; VLAN: 20 * Gateway IP/Subnet: 192. I am in the same situation, i have my main vlan with my Apple TV as my hub. More specifically, HomeKit uses mDNS, so if you really want, you can configure your router to bridge that service across the VLANs, but it’s really not worth the effort. Traffic from my LAN to IOT-VLAN is permitted. The only exception was that I couldn't use HomeKit Remote Access TL;DR Version: Make sure your iOS devices can connect to the HomeKit Devices on port 80 and 443, and replicate mDNS from VLAN/Subnet to VLAN/Subnet with Avahi. I allow the web interface from the main vlan to ha but that's it. https://youtu. Because of the way HomeKit "setup" process is all my Homekit is actually on my Main network, my Simplisafe Smart devices (camera's and hub) and Roku TVs are on the IoT for now single VLAN for IOT devices is the same question as single VLAN when you can acknowledge that 'its just another LAN' and that the IoT things are just 'things on that LAN' then it will be easier to understand. HomeKit hubs on the main VLAN have no problem talking to the IoT VLAN as long as mDNS is being repeated across them. If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it! Truely dumb IoT devices i leave on my IoT VLAN. The smart world of Internet-of-Things (IoT) devices is ever growing. I have a full Ubiquiti lineup and have a dedicated IoT VLAN for all of my devices that use WiFi. VLAN 20 has all of my IoT devices. Ofcourse, this is where my problem began and I have to assume this is where my problem lies within. People advocate the “one SSID with 2. VLAN 10 has my Raspberry Pi only. But I still see all the devices on the VLAN so client isolation is not working. That IoT profile has all the firewall rules in place to prevent talking to other VLANs and all of that. Long Answer - maybe. Related I use my appleTV as a homekit hub and I am unable to get homekit devices on an IoT VLAN to talk to it. Setup HomePod on the IOT SSID and then move my iPhone back to main SSID and keep the settings for the IOT SSID but turn off auto connect on the iPhone. 3 Home Assistant OS 12. Homekit can't access the devices from main vlan. My current set up is a simple one SSID with everything connected to it one way or another (wifi & 8-port unmanaged switch). Have a dedicated IoT SSID and VLan with band steering and Wifi AI on. But my Nest thermostat still doesn't work over matter, so that's just future proofing I guess, as everything else like Homekit For 2. 42. My Caseta Home Bridge is wired into a port on my switch I tagged with my IoT VLAN profile. Please put all off topic posts in the weekly off topic thread that is stickied to the top of the subreddit. Best. Also break it down into these parts: How do I add a VLAN on pfSense How do I put wired devices on that VLAN So while all native HomeKit devices work fine the ones that rely on Homebridge show "No Response" and that makes no sense. like my printer, hue lighting app, hue sync etc. I do this for the IOT VLAN with no internet(for items like ESPHome, WLED), IOT VLAN with internet, and for the camera VLAN with no internet. primary LAN is a Corporate type. I would like to purchase something like the Unifi Dream Machine and utilize VLANs to separate my “main” network from my “IoT” network. Originally designed for computer architecture research at Berkeley, RISC-V is now used in everything from $0. Firewall rule to And if you have a smart home, then creating a separate VLAN might be a good idea. I've been with the Apple HomeKit ecosystem for at least 3 years now with zero issues at all. 4ghz and 5ghz” method so that you let the device find its best connection, but personally, I prefer having only a single network and WiFi band available for IoT to avoid devices hoping around. The IoT VLAN still has external internet access. 1. The usual Homekit devices should work no issue if you The vlan acts as a "template" meaning so long as the iot device is added to that vlan, you do not need to know if you have missed out on placing firewall rules for that new iot device you bought Being templated makes it easier to troubleshoot as you just found out that, for certain devices, it can cause mDNS issues that are hard to pin down I would like to set up a Guest Vlan, a Main Lan with my Nas, Mac, TVs, iPads, iPhones, Apple TV and Homepods (These are the HomeKit Hubs) and an IOT HomeKit Vlan. . From here you will use the nmcli configuration tool. Infrastructure doesn't have internet access, and can't initiate to primary. Afterwards it is just a matter of moving each IoT device to this new network. HomeKit with VLANs . I'm not sure that is the best approach. Theres a few different things going on, everything can be hacked, but it depends on who you use, if you're using homepods/ATV, Alexa, namebrand, its more likely that they patch holes/vulnerabilities than smaller companies/no name View community ranking In the Top 5% of largest communities on Reddit. IoT WiFi network setup using the IoT VLAN. 10 CH32V003 microcontroller chips to the pan-European supercomputing initiative, with 64 core 2 GHz workstations in between. Open comment sort options. So, you’ve setup multiple VLANs and SSIDs at home, you’re keeping all those Internet Connected toasters away from the LAN where your crown jewels sit. And Adguard I'd recommend a solution like u/ph0n3Ix and u/Naito-are recommending - put your HA on the trusted network, and use a stateful firewall rule on the IOT "IN" interface with a default action of "drop", and add a rule to allow established/related. If I've got a Firewalla Gold, Homekit devices, and Asus mesh access points. Background I’ve created a VLAN (wireless) that is limited to 2. I use smartthings, and keep it on the isolated IoT VLAN. The iot vlan has no access to the trusted vlan , but can access the internet. Even running my own mDNS reflector and doing all the allow established firewall rules. E. I have a IoT vlan for all Chinese gadgets and regular vlan for Apple TV/HomePods and users. Opnsense, VLANs, IOT, and Adguard HomeKit works, my IOT stuff works. 0/24 with VLAN number 101 (VLAN and subnet numbers don't have to be the same but it makes things easier to remember) and LAN on 192. If the IoT VLAN is blocking peer to peer communication, it won’t work to put HomeKit devices in it at all. I turned on the MDNS service in the UDM Pro. 168. 40 on my main VLAN, 40 on my Iot vlan. My Basic IoT VLAN Setup | My current IoT VLAN Firewall Rules | Chromecast-Specific Settings | Sonos-Specific Settings | Apple TV / AirPlay-Specific Settings | Roku-Specific Settings | HP Printer-Specific Settings. IoT devices not automatically discovered across VLANs. All ubiquiti equipment. I recently setup my Home Network into 4 Interface VLANs (Main untagged 1, IoT, Cameras and Guest) and do not have any ACL rules yet. Perform the following steps to create the IOT-VLAN: Go to Settings and Networks; Click New Virtual Network: Network Name: IOT-VLAN You can select any name or SSID here, I decided to use my standard Wifi name plus “_iot” for the new wireless network. Example: Tp-link Kasa devices on IoT vlan using the Kasa andoid app on a phone not connected to that vlan (either cellular data or separate vlan). If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it! Apple HomeKit, trouble with devices on IoT VLAN seeing Apple TV hub Sorry if it seems redundant because I have posted not even a day ago, but now I want specifics. HA 2024. Siri voice commands don't necessarily need to be executed on a device within the same VLAN as the Homekit devices; Apple should take the command regardless of origination and I have a UDM running 80 wireless devices. Good! After watching TheHookUp and CrossTalkSolutions, I have a pretty decent ruleset. I've got my Firewalla set up with the default settings at the moment, and am looking to get my network more secure. So switched my entire home network stack over to Ubiquity recently - UDM-SE, managed switches for home/work, and AP's. This is a companion post to HomeKit WeMo Hue VLAN AP Allow your main LAN to connect to port 80 and 443 on HomeKit devices. Specifically you can't really put a printer on that IoT vlan unless you then use a web-based print service (hp cloud, etc). You'll especially notice this helps when you need your iPhone to setup a device, put it on the legacy network, join your HomeKit device, then forget the network on your iPhone. Moving wired devices My question is this- I am attempting to create a smart house using HomeKit (Apple TV is my hub). This way the device kan auto-update and what not but can never go to my LAN. reReddit: Top posts of December 2020 I have a dedicated IoT VLAN but I do not limit it's internet access. NIOT and IOT can't initiate comms to other networks. if your current internal network is 192. I'm having to keep my homepod on my IoT. This post gives step-by-step I created an IoT VLAN + associated IoT WiFi and assigned all un-trusted devices to it. 4, that is best practice for iot since most of those form factors won’t support 5 If the IoT VLAN can’t talk back to the main VLAN, could that impact automations? This concept pairs nicely with enabling mDNS for ecosystems such as . It can even ping the iPhone IP on the LAN. My concern is HomeKit. cannot reach the Internet. Then this week I upgraded my network to Ubiquiti equipment (USG + US-8-60W + AP) and setup an IoT VLAN. 1/24 * Click UPDATE DHCP RANGE; IGMP Snooping: Enable, by checking the box; Enter a VLAN number (between 2-4095) for the IoT network; Click Save when you're done with the configuration. The IoT VLAN is set as a Guest type. I've got three main VLANS - clients, services and IOT Home Assistant sits in the services network, my homepod sits in the clients network and my IOT lights are connected via wifi and sit in the IOT network By default, traffic between VLANS is blocked, but I have the following rules in place: Clients have access to the HASS VM A lot of HomeKit hubs and accessories I would like to set up a Guest Vlan, a Main Lan with my Nas, Mac, TVs, iPads, iPhones, Apple TV and Homepods (These are the HomeKit Hubs) and an IOT HomeKit Vlan. I have an IoT VLAN setup (ID 100). So I recently worked through this, after reading a bunch of docs, and thought I'd share my approach to VLANS and firewall rules for IOT devices. The Pi has static IP, GW and DNS in the IOT VLAN The Pi can ping all devices so it can clearly communicate. They have a series on Ubiquiti I guess truly the best way to do this is grab a spare ATV 4K and keep it in your network rack (tagged IoT VLAN), and make that the primary hub for your Homekit Home. Try to keep the settings simple here because many IOT devices don't support some of these more advanced wifi features. I have most of the HomeKit devices on my NoT Vlan, and the others on IoT (mainly home hubs and a Roborock vacuum which I’m trying to lock down). This number will match the Gateway IP/Subnet - 192. Hi, it's the n time that I try to figure out why if I isolate from my main network the IoT devices, then they are superslow to respond (like 3-4 secs to turn on/off a light), see gif below I configured the 2. How do I create VLANs in HA so that HA can auto detect devices in I have my Homekit devices set up on a VLAN. Works great and Short Answer - perfect world it makes sense. VLAN10 has full access to VLAN20 but VLAN20 cannot talk to 10. Mostly for the simplicity of streaming video/music from iPhones/iPads. ) I am a HomeKit user, I have a HomePod mini as the main controller, some wifi smart thermostats, and a Keeping "smart" IoT devices segmented from the rest of your network is a good idea. Best setup configuration for external I am having issues with connecting to HomeKit devices on a different VLAN. x and want to put all the wifi IoT devices on a separate VLan (IoT) 192. I setup the reflector and allowed port 80 and 443 to the IOT vlan. What are the settings and the firewall rules that I have to set up : to have all working seamlessly together. I know that ideally, I would segment the IOT devices in their own VLAN, but my Asus APs do not support VLAN and I'm not looking to upgrade them at the moment. I already have a managed switch (Netgear GS308EPP; yet to set up VLAN) so now I’m looking for a wireless access point (WAP). Configure ACLs (Access Control Lists) to restrict communication between VLANs. The Homebridge is running on a Raspberry Pi 4B connected by ethernet to the UDMP and the port on the UDMP is configured for the IOT VLAN. Generally when I buy a new IoT product, I just chuck my phone on the IoT VLAN/SSID for initial setup then hop back over. I have Avahi enabled between the two VLANs and the following firewall rules are in place: - allow main -> iot/internet (all ports / ip addresses) The Homebridge is running on a Raspberry Pi 4B connected by ethernet to the UDMP and the port on the UDMP is configured for the IOT VLAN. Then use Avahi to make things like chromecast work again. Just added my 1st NEW HomeKit lightbulb last night since the switch, and I have HA and Home bridge and HomeKit on the main LAN, and all the IOT devices on IOT network. As of right now I have 3 vlans: My default secure VLAN , A dedicated VLAN for IOT devices, Apparently it is good practice to move all the IoT to a separate VLAN and isolate that IoT VLAN using Access Control but I have a few questions: But if a device is already on VLAN 1 and in HomeKit, to move it to VLAN 2 (iOT) you'll have to delete it from HomeKit and add it to VLAN 2 by connecting your iPhone to VLAN 2 and then add it to I’m mainly HomeKit for IOT stuff. Notes for HomeKit and Sonos and Lutron. My Apple TV is in my main LAN. 1/24 - IoT 30 - 192. 4GHz only to the IoT devices, than I created a zone for the interface like as the Guest zone, I also tried to use some firewall rules/ports (as I've read online) but they are still An ‘iot network’ or a network for only iot? If you have a lot of smart devices on wifi it’s never going to be great. Dunno what an iot network is, but not having your iot/smart devices on Things like shitty printers, anything by Wemo, anything that's slow or 802. I want to be able to place all my IOT devices including the HomeKIT Apple TV hub in the IOT interface VLAN and be able to run the Home App on my devices in the main VLAN 1. Next we need to create a new SSID and assign it to our new VLAN: Under Settings > Wireless Networks, click Create New Wireless Network Please put all off topic and picture posts in the weekly off topic thread that is stickied to the top of the subreddit. So I have two hubs, a HomePod and a 4th gen AppleTV 4k. Any idea how to get Homebridge devices to work in HomeKit In addition to my "Basic" IoT VLAN setup, the additional AirPlay-specific LAN IN rules I've needed are: Thank you good sir. with the IOT on VLAN 100. I have a UDM-SE with multiple APs and cameras. If you see people spreading misinformation, trying to mislead others, or other inappropriate Deny IoT network all access to the primary network. Siri can control everything from the production networkwith the IOT on VLAN 100. Because the security of IoT devices is not always as it should be. I generally trust Apple devices as Apple has a sane update and privacy policy. be/UGBobTInIBc. Optionally Deny IoT network all access to the internet Depending on what devices you have in the IoT network and whether they’re HomeKit compatible or not, the third firewall rule may not be ideal in which case you can fine tune your rules per your needs. The only one I couldn’t make to behave was the Aqara bridge. At the hassio > prompt, type login. Other IoT stuff I had then became very sluggish to respond. HB has a leg in both and works great. I have 2 HomePod Mini’s that are my HomeKit hubs. These are Homekit-enabled plugs. I can access the ikea hub but not homebridge. I'm currently working on a UniFi IoT VLAN setup guide, and previously made this post showing my current UniFi firewall rules. 10. x). 1/24) specifically for your IoT devices. NO ACL rules are created yet. Added a firewall rule to block Teleport or VPN You can have your AppleTV/Homepods on the main VLAN and all your smart home devices on the IoT VLAN as long as you enable mDNS and allow traffic on the IoT I also have a IoT VLAN with isolation for everything else. But I like I have my AppleTVs (homekit hub) on my home network, with devices on my IoT network. The other day i was able to watch live TV (IPTV) but couldn’t get Plex streaming to work, ping good, access to plex good also on the lan side - guest is VLAN 20, guest wifi - IoT is VLAN 30, IoT wifi - NoT is VLAN 40, NoT wifi - kids is VLAN 50, kids wifi (This is all provisional, open to suggestions if people have them. I have pfsense firewall rules allowing trusted vlan to talk to iot vlan and internet. I have a HOOBS homebridge connected to my UDM IoT port. 1/24) specifically for your So in this article, I will explain how to set up and secure VLANs in the UniFi Network Console. You can do this via IP to IP + port rules, or, if you do not mind your main network reaching the IoT I have moved all IoT devices to a separate vlan. Firewall blocks all IoT vlan traffic from hitting the WAN, and allows all traffic to my AppleTV, Hubitat, and Homebridge static ip addresses. If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior Create an IOT wifi network associated with your VLAN-IOT Network. I'm setting up a Synology router that allows me to create multiple VLANs and SSIDs. Homekit can't access the devices from mai To set up the best VLAN configuration and ACLs for isolating your IoT network, here are a few steps you can consider: Assign VLAN 20 (192. You now have a VLAN in which your IoT devices can live. 2. You can also selectively allow DNS or ICMP if needed by adding a default action of "drop" to the IOT "LOCAL" interface, with a specific rule Hi. This article is updated in Jun 2024, using the latest UniFi Network version (8. I currently use HomeKit with HomeBridge (to integrate non HomeKit gear) running on a Synology that mostly worked fine before but sporadically would have issues. Maybe I missed something or maybe this is new behavior in iOS 15. New. I don't seem to be able to do this right FWIW I have Apple devices in my same VLAN and non-Apple IoT on a different VLAN. I don't use homekit, so don't know how it exactly plays with other devices. I was trying to separate out my IoT devices from my personal devices (PC, Macs, phones, iPads, etc) but I ran into issues with the first device I was testing with. 0/24. I enabled IGMP v3 Snooping in both. Re-adopt all devices in IoT vlan using iphone connect to IoT wifi. I'll add to it be more concise/clear hopefully, but you can also google it yourself, Homekit Iot VLAN segmentation. Creating the Isolated IoT Network #. IoT. Reply reply More replies. I've set up the Primary Network (containing my computer and Phone, the Apple TV as Homekit base and multiple Homepod Minis), as well as a separate IOT Network (containing all I managed to get it working, enable UPnP on both IOT VLAN and my main LAN. 1. 20. ESPHome, homekit, etc. I run avahi services mdns on the pfsense for allowing the trusted network to browse and connect to devices in the iot vlan. My streaming box is on the the default VLAN; my IOT devices are on the IOT VLAN and communicate fine with the streaming box (which is the hub for the IOT devices as well) VLAN in HA: Log into as root to the HASSOS base system via a console. RISC-V (pronounced "risk-five") is a license-free, modular, extensible computer instruction set architecture (ISA). I have a setup similar to u/DigitalAssassn, though I have an additional VLAN for Protect/cameras. You can run a seperate ssid to tidy it up a bit or get products that use something like zigbee. ) safe from a potential security breach caused by my IoT devices by preventing traffic from going between the two networks. Then back in UniFi turn on Mac filtering on the main SSID to block the MAC address for the HomePod. Instead of managing VLANs, you can also use a HomeKit compatible router like Eero or I'm trying to understand what the best practices are for setting up a HomeKit configuration. reReddit: Top posts of January 2021 To set up the best VLAN configuration and ACLs for isolating your IoT network, here are a few steps you can consider: Assign VLAN 20 (192. 0/24 you would split that into two VLAN/subnet parts, like IoT on 192. x for security purposes. Recently I got a Unifi Gateway Cloud Max and am thinking about going down the path of separating a few of my device types into dedicated network segements (vlans). I used to have a 3rd vlan for cameras/security equipment but the native homekit cameras from Eufy don’t like being on a separate vlan from the HomeKit hubs. to reach out from main network to IoT was "After Predefined" so that fixed my issue of getting to my Roku TVs on the IoT. At some point today, you have most likely used something that would be considered an IoT. I tried opening the port number that shows up in the log but that didn’t help. Do these devices go on the main LAN, How to set up Apple HomeKit and Hue Bridge with various IOT devices on an isolated Guest VLAN / Guest WiFi. xisw hmzvms qukqy jlsr ymzdmb juovq lij ucsxfw wxbjp ickdy