Hi all,
I never used Mikrotik products professionaly, but for the last 10 years buy and install them in every ocasion for my friends and family. I have some experience in network configuration, but the task that I have seems to be above my level of competence. The network layout is shown below:I want to achieve the following:
After upgrade to 7.13 I have only local forwarding option available on CAPs and that means that traffic from 3 WiFi network mixes and I cannot manipulate it on Mikrotik router.
I thought about creating VLANs, but it has no encryption and any devices connected to the switch can technically access devices in all WiFi networks. I would like to have a certain level of security since many sensitive devices are connected to Home Automation WiFi: like gas boiler, locks, lamps, etc.
One solution that I have in mind is to reconnect CAPs to Mikrotik router through PoE injectors. It won't look pretty, but it shall be more secure, since devices connected to the switch will not be able to reach home automation. Then create VLANs for each WiFi and keep switch connected with no VLAN
Any better solution that I'm missing?
Thank you!
I never used Mikrotik products professionaly, but for the last 10 years buy and install them in every ocasion for my friends and family. I have some experience in network configuration, but the task that I have seems to be above my level of competence. The network layout is shown below:I want to achieve the following:
- Devices with yellow dots can access Internet
- Home devices can access each other, plus Home Server
- Only home server can access devices in Home Automation WiFi
- Devices in Home Automation WiFi cannot access anything except Home Server
- Guest devices can access only Internet and not each other
After upgrade to 7.13 I have only local forwarding option available on CAPs and that means that traffic from 3 WiFi network mixes and I cannot manipulate it on Mikrotik router.
I thought about creating VLANs, but it has no encryption and any devices connected to the switch can technically access devices in all WiFi networks. I would like to have a certain level of security since many sensitive devices are connected to Home Automation WiFi: like gas boiler, locks, lamps, etc.
One solution that I have in mind is to reconnect CAPs to Mikrotik router through PoE injectors. It won't look pretty, but it shall be more secure, since devices connected to the switch will not be able to reach home automation. Then create VLANs for each WiFi and keep switch connected with no VLAN
Any better solution that I'm missing?
Thank you!
Statistics: Posted by Darland — Sun Jan 28, 2024 8:13 pm