Menu
What's new
By:
Filters
Better Search

Isolating IP cams and NVR from the rest of the network with VLAN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

dissonance79

Occasional Visitor
I am a total VLAN noob trying to work my way through this. I'm trying to isolate my IP cams from my home network due to security risks I've heard regarding IP cams. My Asus RT-AX88U Pro router is located centrally on the second floor of my house in sort of a hallway loft that is open to the downstairs (there is only a handrail separating them). So it's sort of an ideal place for the wifi from my Asus router. My network box is in the garage which isn't real convenient for me to put my Asus router there as it's on one end of the house and there is a lot of HVAC ducting blocking wifi signal.

That said, I believe my Asus router supports VLANs but given that the NVR is attached to the router in my loft, and the IP cams are all attached to a POE switch in my garage, can I make it so that just the IP cams and NVR are isolated on their own network? I tried sketching an example below:

network01.jpg


I haven't bought a managed switch yet since I'm not sure if this will work.
 
Seems to me it would be a lot simpler and cost effective to place the NVR in the garage along w/ the IP cameras. Then you could grab an old router and place it between the private and IP Camera+NVR networks. After all, by definition, a router creates a new VLAN behind its WAN.

The only issue at that point is whether the IP Camera+NVR network should be facing the LAN or WAN of that router.

If it's WAN facing, then the IP camera/NVR network has NO access to the private network or the internet. It lives in total isolation, where only the private network can visit. But there's no DHCP server on the WAN side, so you'd have to statically configure those devices for IP. And I don't know if your IP Camera+NVR network is internet-dependent.

OTOH, if it's LAN facing, the IP camera+NVR network would have access to the internet, but you'd need to configure the firewall to prevent upstream access to the private network. And you could enable remote access over its WAN for administrative purposes from the private network.

IOW, if you have a suitable additional router available, support for at least one additional VLAN (perhaps more) is already available. It's just being aware of it and how to orient the hardware and configure the firmware appropriately for the given situation.

All that said, the devil is always in the details, and you might very well require something more akin to a managed switch, VLANs on the ASUS, etc. But I just think too many ppl don't consider what's probably already available, esp. if it's simpler and more cost effective.
 
You must log in or register to reply here.

Similar threads

M
Isolating home security cameras and providing remote access?
Replies
5
Views
992
jsbeddow
J
C
Wired IP camera/ NVR POE setup on a RT-AX86U Pro running 3.0.0.6.102_34313
2
Replies
25
Views
1K
tiddlywink
tiddlywink
S
Effect of security cameras on LAN
Replies
11
Views
212
sfx2000
sfx2000
D
Did I set up my home network correctly?
Replies
19
Views
722
tgl
T
J
PLC: I need a RELIABLE 3-ethernet port unit with the British plug configuration.
Replies
4
Views
614
John A
J

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,169 (members: 19, guests: 1,150)
Top