Ubiquiti firmware updates:
My UDM-Pro (also for UDMB) is on beta 1.8.3-3, recommended.
There is another beta for AP & switches 5.43.10.12465, recommended.
Have a nice
weekend to all.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Unifi Dream Machine
- Thread starter tbone7467
- Start date
- Sort by reaction score
My UDM-Pro (also for UDMB) is on beta 1.8.3-3, recommended.
There is another beta for AP & switches 5.43.10.12465, recommended.
Have a nice
weekend to all.Scored the UDM-Pro today 80 off. Just couldnt pass it up. You guys convinced me. I hope its as amazing as you walk about. ill try running it in parallel with my regular network. so that my work connection isnt affected until i get this u and running
Ok I dove into it a little. I won’t be able to switch my network over completely til I figure things out.
VLan IOT
I have:
august lock
2 AppleTVs
2 Homepods
Lutron caseta lighting
Lennox smart thermostat
Unifi Protect camera (TBD)
Plex
2 denon receivers.
Playstation 4/5
While some of these are IOT devices, EXCEPT plex which I prefer on my main VLan, how do I put these on a separate VLan but still allow interoperability between each other an my iPhone. I use the automation apps on my phone a lot. Not being able to use them would keep my from isolating my devices.
any help is greatly appreciated. When you don’t know you ask someone smarter then you so...
VLan IOT
I have:
august lock
2 AppleTVs
2 Homepods
Lutron caseta lighting
Lennox smart thermostat
Unifi Protect camera (TBD)
Plex
2 denon receivers.
Playstation 4/5
While some of these are IOT devices, EXCEPT plex which I prefer on my main VLan, how do I put these on a separate VLan but still allow interoperability between each other an my iPhone. I use the automation apps on my phone a lot. Not being able to use them would keep my from isolating my devices.
any help is greatly appreciated. When you don’t know you ask someone smarter then you so...
Last edited:
You can configure mDNS reflector on your Ubiquiti router - this will proxy Multicast advertisements across subsets, which Apple devices use for service discovery.
However, there is no real reason to segment your home network into multiple VLANs - what are you really trying to achieve by this? Place everything on a single home VLAN, and eveyrthing will work seamlessly.
Focus on securing each IOT (and non-IOT) device you use, to minimize the chances of then being compromised.
Just placing IOT devices on a separate VLAN does little to nothing to improve overall security, especially if you open up connectivity between “home” and IOT subnets.
As soon as you route between the IoT VLAN and “main” VLAN, your security argument goes out the window. If you give the IoT VLAN access to the Internet only and don’t grant access to the “main” VLAN, your apps will still work using their cloud capability and not direct network access.
You may be able to do this already by giving your IoT devices access to your router’s guest network which usually doesn’t have local network access.
It’s a common home labbers belief that VLANs are essential to home networking...
I never said essential. I have been reading this is best practice as well as having a guest network. You don't know until you know.
Ctyrider can you elaborate on securing each device.
EmmEff - I agree once you start poking port holes into your VLAN it becomes completely insecure. I read that you could make rules that IOT devices can only communicate to devices on your main LAN that have initiated conversations, that the IOT devices cant initiate any conversation to a diffrent VLAN. would this still be pointless or is that acceptable?
I'm just looking for guidance. I'm looking to increase my knowledge of thing and have some fun in the process. Theories I get sometimes but sometimes I need exact examples.
Ctyrider can you elaborate on securing each device.
EmmEff - I agree once you start poking port holes into your VLAN it becomes completely insecure. I read that you could make rules that IOT devices can only communicate to devices on your main LAN that have initiated conversations, that the IOT devices cant initiate any conversation to a diffrent VLAN. would this still be pointless or is that acceptable?
I'm just looking for guidance. I'm looking to increase my knowledge of thing and have some fun in the process. Theories I get sometimes but sometimes I need exact examples.