Advice on home network equipment

lehrblogger

Novice Member
@Streamer73 @oneman thank you, this was helpful!

I hadn't known about the "Restricted Access" setting, and it might be sufficient, so that's great. What would be an example of a default gateway that supported ACLs?

As for inspecting/restricting traffic, I think I'll save that for a future enhancement. In the meantime, do I need a separate edge firewall/router, in addition to an Aruba Instant On POE switch and a few APs?
 

oneman

Well-known Member
I would expect most routers have basic ACL capabilities. They should also allow to blacklist sites by IP, URL and keywords and internally I can apply that setting to a individual device or all devices.

Personally use a Asus AX88U which has all this and a lot more configuration but Netgear and other brands should as well. You might need to click on advanced to get access to all the settings.

Also have a look at PiHole which allows blocking functionality as well.

As for Aruba device, haven't used that model but it does seem to have firewall functionality but that may only apply to devices that are connected to it. Anything plugged directly into the router will bypass those restrictions.
 

Streamer73

Active Member
If you’re just looking to have a separate guest network with Aruba IO then you can either have the APs do the IP addressing for your guest SSID (NAT mode) or use normal mode with Restricted Access enabled, both would achieve the same thing with the need for separate subnets.

When you create an SSID you can choose whether it is ‘Employee’ or ‘Guest’ - by default guest has both NAT mode and Restricted access enabled so you can allow traffic to the printer safely.

HTH!
 

lehrblogger

Novice Member
@oneman I had heard of PiHole but not looked into it much until now – this should work well. Thank you!

@Streamer73 Ok, that makes sense for the printer. If I wanted an isolated VLAN for IOT devices (as mentioned by the OP), would Aruba IO's Router Mode support the necessary firewall rules, e.g. allowing established but not new connections? If not, could I get a separate firewall device and configure my Aruba IO switch and APs in Private Network Mode? Thanks again!
 

The latest video from AVForums

Toy Stories - Turning Toys into Blockbuster Movies
Subscribe to our YouTube channel
Support AVForums with Patreon

Top Bottom