Clarification about client isolation and subnets

[Lsut142]

This is a very basic beginner question as it relates to subnetting and client isolation.

I'm trying to use home automation on a subnet. I suspect that by turning on client isolation my smart light bulbs can't communicate with my Alexa hub properly even though the hub and the bulbs are on the same subnet.

Concern and question is, if I turn off client isolation I'm sure that it will probably work properly however, by doing that I defeat the purpose of a subnet. Is this correct?

I want all devices on the subnet, light bulbs and Alexa devices etc to communicate but I don't want to inadvertently open a path outside of the subnet to other devices on the main lan by turning off client isolation.

Without spending money on additional hardware, just using the ISP provided gateway router, is there a way to do this? Or is my best option to set up a Pfsense or hardware firewall so that I can create specific block rules?

The devices I am trying to isolate from the main lan are all iot Wi-Fi devices.

I doubt ISP tech support is going to assist with this so I am posting here. The ISP is CenturyLink.

Thanks

 

[CaptainSTX]

This is a very basic beginner question as it relates to subnetting and client isolation.

I'm trying to use home automation on a subnet. I suspect that by turning on client isolation my smart light bulbs can't communicate with my Alexa hub properly even though the hub and the bulbs are on the same subnet.

Concern and question is, if I turn off client isolation I'm sure that it will probably work properly however, by doing that I defeat the purpose of a subnet. Is this correct?

I want all devices on the subnet, light bulbs and Alexa devices etc to communicate but I don't want to inadvertently open a path outside of the subnet to other devices on the main lan by turning off client isolation.

Without spending money on additional hardware, just using the ISP provided gateway router, is there a way to do this? Or is my best option to set up a Pfsense or hardware firewall so that I can create specific block rules?

The devices I am trying to isolate from the main lan are all iot Wi-Fi devices.

I doubt ISP tech support is going to assist with this so I am posting here. The ISP is CenturyLink.

Thanks

I had problems getting my Alexa/Amazon devices to connect to my ASUS AX86 and AX88Pro. After dumbing down all the WiFi settings (smart connect, beam forming, WPA2 Only , fixed WiFi channel, intranet yes/no ) nothing seemed to help until I determined that DNS security seemed to be the root of my problem. Try either setting DNS security to None or use the DNS Director and set each Alexa/Amazon Iot device to use a specific DNS such as 8.8.8.8 or 8.8.4.4.

 

[ColinTaylor]

Without spending money on additional hardware, just using the ISP provided gateway router, is there a way to do this?

Subnetting and client isolation are two different things, although sometimes they can be configured so that there's a 1:1 relationship.

Even with that said "client isolation" can be implemented in multiple ways, e.g. at a hardware level on a Wi-Fi access point, or at a router/firewall level. I think you'll have to wait until someone familiar with CenturyLink's router's implementation can comment further.

Try either setting DNS security to None or use the DNS Director ...

I doubt those options exist in the OP's CenturyLink router.