Hi, I need some help with understanding how to create isolated networks at home to seperate cameras and IoT devices from the main network. I currently have an ASUS RT-AX82U as the main router connecting to my isp and an ASUS DSL-AC68U connected to the main router as a mesh node to give improve wifi coverage in an area that previously had reduced signal strength. The AC68U used to be the main router until our isp upgraded the connection from FTTN to FTTP. The network as it is now works great with almost no trouble at all, however I just purchased a few ip cameras to monitor the house when we go away and lots of googling later I find myself confused and also concerned the current setup is not secure enough.
From my research it seems that the cameras should be isolated from the main network and this also led to learning that IoT devices should also be isolated. My router doesn’t support vlans except for the guest networks which are not ideal. For now I have temporarily connected the cameras to the guest network so they are operational for our upcoming trip. I don’t yet have an NVR setup, the cameras each record locally onto a micro sd card and I am able to access them from their phone app both from my main home network and also when away from home. They are tp-link Tapo cameras and the associated phone app. As a test I setup zoneminder on a spare Linux laptop and connected it to one of the cameras. Zoneminder could access the feed if the camera was connected to the main network but with the laptop and the camera both on the guest network zoneminder could not access the feed, which I expected since the guest network doesn’t allow devices to talk to each other.
I could use some help, perhaps with a simple diagram, to visualise how the network should look for it to work. Attached is a very simple drawing of how I think it should look but I don’t know if I’m on the right track.
The Camera and IoT networks would somehow be isolated from the main router but those devices would still need access to the internet and I would need to access the camera feeds. The items in pink currently don’t exist in my home network and the cameras are temporarily connected to the guest wifi network of the main router. The plan is to disable the camera wifi and connect them through PoE to the NVR through a PoE switch if the NVR doesn’t have PoE ports or is a software NVR running on a laptop.
Sorry if I am unclear, after several long days of searching the internet trying to crease my network knowledge my brain is kind of scrambled. Any help would be greatly appreciated.
From my research it seems that the cameras should be isolated from the main network and this also led to learning that IoT devices should also be isolated. My router doesn’t support vlans except for the guest networks which are not ideal. For now I have temporarily connected the cameras to the guest network so they are operational for our upcoming trip. I don’t yet have an NVR setup, the cameras each record locally onto a micro sd card and I am able to access them from their phone app both from my main home network and also when away from home. They are tp-link Tapo cameras and the associated phone app. As a test I setup zoneminder on a spare Linux laptop and connected it to one of the cameras. Zoneminder could access the feed if the camera was connected to the main network but with the laptop and the camera both on the guest network zoneminder could not access the feed, which I expected since the guest network doesn’t allow devices to talk to each other.
I could use some help, perhaps with a simple diagram, to visualise how the network should look for it to work. Attached is a very simple drawing of how I think it should look but I don’t know if I’m on the right track.
The Camera and IoT networks would somehow be isolated from the main router but those devices would still need access to the internet and I would need to access the camera feeds. The items in pink currently don’t exist in my home network and the cameras are temporarily connected to the guest wifi network of the main router. The plan is to disable the camera wifi and connect them through PoE to the NVR through a PoE switch if the NVR doesn’t have PoE ports or is a software NVR running on a laptop.
Sorry if I am unclear, after several long days of searching the internet trying to crease my network knowledge my brain is kind of scrambled. Any help would be greatly appreciated.
