Geekzone: technology news, blogs, forums
22892 posts

Uber Geek

Trusted
Subscriber

  # 2321500 20-Sep-2019 18:35

I've found many IoT things assume a /24 for the network and freak out when larger. So need to split it for that reason. Also my outdoor IP cams all have their own VLANs and SSIDs.

IoT junk makes updating the WPA key or SSID hard, so I have a longer complex WPA key for IoT things since it will probably never be changed. WPA keys are the one place that regular changing and having complex ones make sense.




Richard rich.ms

7195 posts

Uber Geek

Trusted
Subscriber

  # 2321505 20-Sep-2019 18:48

Hi, so you're a domestic residence with more than 250 devices including IoT??

Cyril

 
 
 
 




2755 posts

Uber Geek

Trusted
Subscriber

  # 2321519 20-Sep-2019 19:11
One person supports this post

cyril7: Hi is there any real reason to isolate IoT stuff from your main network, how many IoT devices do you have and what's your logic for separating them, just asking as a network engineer as to your reason.

Cyril


I'm pretty dubious about security on a lot of this stuff. Much of it never gets a firmware update and has a nasty tendency to phone home. I'd prefer to keep everything pretty locked down and locally controlled.

It also gives me something that scales. At the moment it's about 15-20 devices but knowing my OCD it's only going up.

22892 posts

Uber Geek

Trusted
Subscriber

  # 2321531 20-Sep-2019 20:00

cyril7: Hi, so you're a domestic residence with more than 250 devices including IoT??

Cyril

 

It's more having many things on static allocations in strange places, like all the Fire TV devices are in the 172.16.2.70-79 range, etc., which means I don't have a large enough contiguous block to use for DHCP.

 

Also, past devices with no security like Belkin WeMo would be accessible to anyone on the wifi and it would also learn them into the app so they could then remote control them, so I wanted them off the main LAN range that I let other people use.

 

If I get all the $5 wifi strip controllers up and running like I have been meaning to, I would be well over 150 devices on the network.





Richard rich.ms

820 posts

Ultimate Geek


  # 2321599 20-Sep-2019 21:07

Could be fun when an IoT gimmick reveals your wifi password and eMail credentials. :-)





- ISP1: T-OneBox FTTH modem, 1/.5G, full DS, VLAN7, VoIP + ipTV streaming flat

 

- ISP2: 4G/LTE USB modem + TL-MR3020, 100/40M data plan (wireless fallback)

 

- NET: ZBOX nano router, 2 C2960X-48TS-L, 2 GWN7630, 1 GWN7610, 2 UPS

 

- SVR: E3C236 32G/20T, 2 H2 16G/500G, HC1 5T, N2 128G | HC2 14T, HC2 1T

 

- USR: DeskMini 310, NUC8i7HVK, Aspire E5, EliteBook 840, Galaxy Tab, 2 4K TVs

 

- IoT: 4 LoRaWAN public gateways, CCU3 (openHAB, MQTT, Grafana), ESP32

 

- 3D: Ender-3, Ender-3 Pro, Ultimaker 2E+, Ultimaker 3, Ultimaker S5, MP-CNC

 

- ipPBX: GRP2613, GO-Box 100, SPA112 (Fax and W-48, a 1948 Siemens phone)


115 posts

Master Geek


  # 2321812 21-Sep-2019 08:28

As others have mentioned, the UniFi Flex-HD ticks your boxes - it's no longer beta access and is now in the general availability UniFi store, so presumably stocks should be available here soonish - maybe drop gowifi an email?

 

https://store.ui.com/products/unifi-flexhd

 

 

 

 


7195 posts

Uber Geek

Trusted
Subscriber

  # 2321830 21-Sep-2019 08:55

So re security issues, are the VLANs routing on an L3 switch or router/firewall, and regardless I presume the switch has ACLs to block inter-VLAN traffic and the router/firewall also has rules to block??? Or can traffic route?

 

Further, paranoia of IoT and cameras etc accessing other devices on your network, one presumes there are firewalls on all your PC/Laptops/tablets to block inbound initiated connections (this is normal) or have you let them loose. If you have open shares then you might have an issue I guess, but beyond that, seems like paranoia, but each to their own.

 

Cyril
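
The question in the post above (do the ACLs actually block inter-VLAN traffic, or can it route?) can be checked offline against a rule list. This is an added example, not code from any poster; the zone names, subnets and rule tuples are constructed assumptions, and rules are assumed to be written per whole subnet with first-match semantics and an implicit deny.

```python
import ipaddress
from itertools import permutations

# Constructed addressing and zone names; none of this comes from the thread.
ZONES = {
    "main": ipaddress.ip_network("192.168.10.0/24"),
    "iot": ipaddress.ip_network("192.168.20.0/24"),
    "cams": ipaddress.ip_network("192.168.30.0/24"),
}

# Rules are (action, source CIDR, destination CIDR), evaluated top down.
FLAT_ROUTING = [("allow", "192.168.0.0/16", "192.168.0.0/16")]
SEGMENTED = [
    ("allow", "192.168.10.0/24", "192.168.20.0/24"),  # main may reach IoT
    ("allow", "192.168.10.0/24", "192.168.30.0/24"),  # main may reach cameras
    ("deny", "192.168.0.0/16", "192.168.0.0/16"),     # all other inter-VLAN
]

def first_match(rules, src, dst):
    """Action of the first rule matching a NEW connection src -> dst.
    No matching rule means implicit deny."""
    for action, src_cidr, dst_cidr in rules:
        if (src in ipaddress.ip_network(src_cidr)
                and dst in ipaddress.ip_network(dst_cidr)):
            return action
    return "deny"

def initiations_allowed(rules, zones=ZONES):
    """Sorted (src_zone, dst_zone) pairs where a host in src_zone may open a
    connection to a host in dst_zone. Replies on established flows are
    assumed to be handled by connection tracking and are not modelled."""
    allowed = []
    for a, b in permutations(zones, 2):
        # One representative host per zone; valid because the rules are
        # assumed to cover whole subnets, not individual addresses.
        src = next(iter(zones[a].hosts()))
        dst = next(iter(zones[b].hosts()))
        if first_match(rules, src, dst) == "allow":
            allowed.append((a, b))
    return sorted(allowed)

if __name__ == "__main__":
    for name, rules in (("flat", FLAT_ROUTING), ("segmented", SEGMENTED)):
        print(name, initiations_allowed(rules))
```

Any pair listed with `iot` or `cams` as the source is a path by which a device in that VLAN can start a connection to another VLAN.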

