Menu
What's new
By:
Filters Better Search

Plex Pass though to IOT Network

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

custmblt

New Around Here
I would like to have my Plex server available to my IOT devices (TV;s) that are separated from my normal network but still on the same router (rt-ax86u pro) My home network is setup on 10.xxx.xxx.1 and the guest and IOT network is setup on 192.xxx.xxx.1 not sure how to safely do this other than remotely connected and that does work but is much slower that to use just local LAN traffic. I don't trust these new smart TV's to behave on my network.

Thanks
 
custmblt said:
I would like to have my Plex server available to my IOT devices (TV;s) that are separated from my normal network but still on the same router (rt-ax86u pro) My home network is setup on 10.xxx.xxx.1 and the guest and IOT network is setup on 192.xxx.xxx.1 not sure how to safely do this other than remotely connected and that does work but is much slower that to use just local LAN traffic. I don't trust these new smart TV's to behave on my network.

Thanks
Click to expand...
Looks like you are running an AX86U Pro? If so, with the new Asus firmware you have the ability to do VLAN. Depending upon the box you are running the Plex server on, you can add a second LAN interface and tag it to use the guest network. I did this with my DS220+ which has two LAN ports and it worked. If the Plex box has only a single LAN port it may be possible to set up a second IP address to connect to the guest network.
 
My recommendation is to scratch one of the private networks and separate your IoT from your regular network using VLANs and then use VLAN tagging to enable Plex to talk to the TV. If you absolutely insist on the need for a second address space, then you will have to add a Layer 3 device to the network to bridge the two via default gateways and a static route.
 
Great stuff, thanks for the reply. I should have been more clear in the beginning or maybe Ive miss understood you. The 10.xxx.xxx.1 is the LAN IP range that Plex is connected too. The 192.xxx.xxx.1 is one of the guest network WiFi connections and the IP is assigned by the default IP range(192). When I set up the router I modified the default LAN IP to the 10.xxx.xxx.1. I though it might add some additional security? My Plex server is attached to my file & backup server for my endpoints. I believe from our conversation here is that I needed to run a separate machine running just the Plex server on the IOT network(guest) The Plex server started out as a project but has turned into much more and probably just needs to be isolated not only for ease of programming but security as well.
 
custmblt said:
Great stuff, thanks for the reply. I should have been more clear in the beginning or maybe Ive miss understood you. The 10.xxx.xxx.1 is the LAN IP range that Plex is connected too. The 192.xxx.xxx.1 is one of the guest network WiFi connections and the IP is assigned by the default IP range(192). When I set up the router I modified the default LAN IP to the 10.xxx.xxx.1. I though it might add some additional security? My Plex server is attached to my file & backup server for my endpoints. I believe from our conversation here is that I needed to run a separate machine running just the Plex server on the IOT network(guest) The Plex server started out as a project but has turned into much more and probably just needs to be isolated not only for ease of programming but security as well.
Click to expand...
What I meant by adding a layer 3 device is to add either another router, or (preferably) a Layer 3 switch (which will route) and put all of the other private network on it. This will allow the two networks to talk to each other while still allowing the security you are looking for. Honestly, and at least in my opinion, I would say most folks would not consider a smart TV to be part of the IoT family, as IoT devices are usually things like smart plugs, lights, wall switches, microwaves, ovens, etc...basically single function devices that do not run apps. Your TV is capable of running multiple apps (every streaming service is its own app) and has a complex operating system, unlike a "smart" plug or other IoT devices. TV manufacturers get a lot more scrutiny than the hundreds (if not thousands) of offshore manufacturers of smart plugs and the like, and this is where the security concerns with IoT devices lies. No one knows with certainty how much and what data these things are collecting and phoning home with, therefore the reason for isolating them. I would put my Plex server and all my TVs on the same network, and then isolate all your "smart" plugs, lights, light switches, etc either via VLAN or a separate network. Hope this helps?
 
custmblt said:
I would like to have my Plex server available to my IOT devices (TV;s) that are separated from my normal network but still on the same router (rt-ax86u pro) My home network is setup on 10.xxx.xxx.1 and the guest and IOT network is setup on 192.xxx.xxx.1 not sure how to safely do this other than remotely connected and that does work but is much slower that to use just local LAN traffic. I don't trust these new smart TV's to behave on my network.
Click to expand...
If you are not using AiMesh, one option is to install Asus-Merlin firmware on the Asus router if your router is supported. Then install the YazFi addon script. The YazFi addon script adds some additional configuration options to Guest Networks including the option to use custom firewall scripting to allow YazFi Guest Network clients to access a main LAN client.

Home | Asuswrt-Merlin

www.asuswrt-merlin.net www.asuswrt-merlin.net
www.snbforums.com

YazFi - YazFi v4.x - continued

v4.4.4 Updated 2023-11-26 Feature expansion of guest WiFi networks on AsusWRT-Merlin, including, but not limited to: * Dedicated VPN WiFi networks * Separate subnets for organisation of devices * Restrict guests to only contact router for ICMP, DHCP, DNS, NTP and NetBIOS * Allow guest networks...
www.snbforums.com www.snbforums.com
github.com

GitHub - jackyaz/YazFi: Feature expansion of guest WiFi networks on AsusWRT-Merlin, including SSID -> VPN, separate subnets per guest network, pinhole access to LAN resources (e.g. DNS) and more!

Feature expansion of guest WiFi networks on AsusWRT-Merlin, including SSID -> VPN, separate subnets per guest network, pinhole access to LAN resources (e.g. DNS) and more! - jackyaz/YazFi
github.com github.com
Some past posts on using YazFi custom firewall scripting to open communication between a YazFi Guest Network client and a main LAN client.
https://www.snbforums.com/threads/allowing-access-to-selected-network-devices.80405/#post-784521
https://www.snbforums.com/threads/help-with-iptables-script.87827/#post-878058

Otherwise like already suggested above, if you have a Pro series router that has 3.0.0.6.x firmware support, you can try using the Guest Network Pro feature. May take some trial and error to get the Guest Network Pro/VLAN to work right for what you seek.
 
If you have ACLs in firewall rules with the new software you should be able to do it. Otherwise, you can use a layer 3 switch with ACLs. I do it on my Cisco layer3 switch with ACLs. I share a printer.
 
RobJack said:
What I meant by adding a layer 3 device is to add either another router, or (preferably) a Layer 3 switch (which will route) and put all of the other private network on it. This will allow the two networks to talk to each other while still allowing the security you are looking for. Honestly, and at least in my opinion, I would say most folks would not consider a smart TV to be part of the IoT family, as IoT devices are usually things like smart plugs, lights, wall switches, microwaves, ovens, etc...basically single function devices that do not run apps. Your TV is capable of running multiple apps (every streaming service is its own app) and has a complex operating system, unlike a "smart" plug or other IoT devices. TV manufacturers get a lot more scrutiny than the hundreds (if not thousands) of offshore manufacturers of smart plugs and the like, and this is where the security concerns with IoT devices lies. No one knows with certainty how much and what data these things are collecting and phoning home with, therefore the reason for isolating them. I would put my Plex server and all my TVs on the same network, and then isolate all your "smart" plugs, lights, light switches, etc either via VLAN or a separate network. Hope this helps?
Click to expand...
Well said and yes that helps. I haven't trusted the smart TV's because it was my believe that most of them are running older version of android that are no longer getting security patches? That said I replace all my TV's with Roku's as they do seem to keep up with security patches. I like the idea of using VLANs but haven't see any options for VLAN support in the RT86u-Pro, I do also like the idea of using another router(layer 3). Thanks for the great ideas and support.
 
bennor said:
If you are not using AiMesh, one option is to install Asus-Merlin firmware on the Asus router if your router is supported. Then install the YazFi addon script. The YazFi addon script adds some additional configuration options to Guest Networks including the option to use custom firewall scripting to allow YazFi Guest Network clients to access a main LAN client.

Home | Asuswrt-Merlin

www.asuswrt-merlin.net www.asuswrt-merlin.net
www.snbforums.com

YazFi - YazFi v4.x - continued

v4.4.4 Updated 2023-11-26 Feature expansion of guest WiFi networks on AsusWRT-Merlin, including, but not limited to: * Dedicated VPN WiFi networks * Separate subnets for organisation of devices * Restrict guests to only contact router for ICMP, DHCP, DNS, NTP and NetBIOS * Allow guest networks...
www.snbforums.com www.snbforums.com
github.com

GitHub - jackyaz/YazFi: Feature expansion of guest WiFi networks on AsusWRT-Merlin, including SSID -> VPN, separate subnets per guest network, pinhole access to LAN resources (e.g. DNS) and more!

Feature expansion of guest WiFi networks on AsusWRT-Merlin, including SSID -> VPN, separate subnets per guest network, pinhole access to LAN resources (e.g. DNS) and more! - jackyaz/YazFi
github.com github.com
Some past posts on using YazFi custom firewall scripting to open communication between a YazFi Guest Network client and a main LAN client.
https://www.snbforums.com/threads/allowing-access-to-selected-network-devices.80405/#post-784521
https://www.snbforums.com/threads/help-with-iptables-script.87827/#post-878058

Otherwise like already suggested above, if you have a Pro series router that has 3.0.0.6.x firmware support, you can try using the Guest Network Pro feature. May take some trial and error to get the Guest Network Pro/VLAN to work right for what you seek.
Click to expand...
Yes, I am using asus-merlin firmware. I just loaded the yazfi on the router does indeed bring extra funtion as you alluded too, thank you.
 
You must log in or register to reply here.

Similar threads

M
Any workaround to expand Guest Network 'features' on Mesh for IoT Devices | AX86U
Replies
2
Views
303
ChatmanR
ChatmanR
arx
Issues with Guest Networks on TUF-AX5400 AiMesh System
Replies
3
Views
551
arx
arx
F
Bought asus rt-ax86u pro router
Replies
4
Views
514
bennor
B
C
Prospective RT-AX86U Pro purchase
Replies
8
Views
1K
calzor suzay
C
mv10
AX86U Pro router and non-Pro AP
Replies
7
Views
454
Tech9
Tech9

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,280 (members: 27, guests: 1,253)
Top